[web] Start a simple web server

This guide will demonstrates how to create your own small local web server with php support via compiling both of them.

I'm using ubuntu 16.04 for this, But any version should do it.

Contents:
1- Compile nginx from source
2- Compile php from source
3- Edit nginx config
4- Start the server

- Prepare the working directory:
Simply create a new working directory and cd into it
And create a nginx prefix directory (mkdir anything) And a php prefix directory (mkdir anythingphp)

Compile nginx from source

I'll compile nginx from source.
Firstly: download nginx source from nginx website.
http://nginx.org/en/download.html
Note that you need to download the one without windows name in it.
extract that gzip into the working directory.
I prefer to compile that into a custom prefix but it's fine if you dont.
Compile nginx via:

./configure --prefix=/hereisyourprefix
make
make install

Change /hereisyourprefix to your nginx prefix

Compile php from source

Download php from:

http://php.net/downloads.php 

Extract that into the working directory and cd into it.
Compile php via:

./configure --prefix=/hereisyourprefix
make
make install

Change /hereisyourprefix to your php prefix

Edit nginx config

Open [prefix]/conf/nginx.conf using your favorite text editor and:

add

location ~ \.php$ {
            root           html;
            fastcgi_pass   127.0.0.1:9857;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }

After

error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

And change the other parameters if needed

Start the server

Cd into sbin folder inside nginx prefix folder and Run:

./nginx -p nginxprefixdir

Change nginxprefixdir into your nginx prefix folder.

And then Open A new terminal then cd into the bin folder inside php prefix folder.
Then run php via:

./php-cgi -b 127.0.0.1:9857

[openssl] Create your own certificate authority

This guide will demonstrates how to create your own certificate authority for simple uses

I'm using ubuntu 16.04 for this, But any version should do it.
Firstly, make sure that you have updated openssl to the latest version available.

Contents:
1- Create a simple private key
2- Self-sign the certificate
3- Install the certificate to devices
4- Create a website certificate
    |
    |_ Create a website private key
    |
    |_ Create an certificate signing request
    |
    |_ Sign the signing request with your ca

- Prepare the working directory:

 Simply create a new directory and name it as you like (change simpleca with anything):

mkdir simpleca
cd simpleca

Create a simple private key

Creating a simple private key is very easy.
Make sure you don't create a key less than 2048 bits.
And also this called "Private" for a reason, if anyone have it then anyone would sign any certificate with your ca.
In this example i will create a 4096-bit key:

openssl genrsa -out rootkey.pem 4096

rootkey.pem: Output file name
4096: Key length
Key length can be {2048,3072,4096,7168,8192} and so on.
Remember: Anything less than 2048 is insecure nowadays and more secure on 3072,4096 and so on.
And higher key length's will require more CPU power.

Self-sign the certificate

Simply do:

openssl req -x509 -new -nodes -key rootkey.pem -sha256 -days 1024 -out rootcert.pem

rootkey.pem: Key filename
-sha256: Hash algorithm
1024: Number of days the certificate will be valid
rootcert.pem: Output certificate filename
Hash algorithm can be {-sha1,-sha224,-sha256,-sha384 and -sha512}.
Using sha1 isn't recommended.
You will be asked some info that will be on the output certificate.
Example of using sha512 and valid for 8 years:

openssl req -x509 -new -nodes -key rootkey.pem -sha512 -days 2922 -out rootcert.pem

Install the certificate to devices

To install it into an android device you need to convert it into crt format via:

openssl x509 -inform PEM -outform DER -in rootcert.pem -out rootcert.crt

rootcert.pem: Input pem file
rootcert.crt: Output crt file
After that you need to copy it into the device then:
Open settings then Security then Install from SD card (From Credential storage).

For ios (skip step1): https://blogs.technet.microsoft.com/uclobby/2014/01/09/installing-private-ca-root-certificate-on-ios-devices/

Create a website certificate

- Create a website private key:

openssl genrsa -out websitekey.pem 4096

websitekey.pem: Output file name
4096: Key length

 - Create an certificate signing request:

openssl req -new -key websitekey.pem -out websitereq.csr

websitekey.pem: Input key file
websitereq.csr: Output request file
You will be asked some info that will be on the output certificate.
Note that the common name field (CN) is the website dns address.

- Sign the signing request with your ca:

openssl x509 -req -in websitereq.csr -CA rootcert.pem -CAkey rootkey.pem -CAcreateserial -out websitecert.pem -days 500 -sha512

websitereq.csr: Input request file
rootcert.pem: Input CA certificate file
rootkey.pem: Input CA private key file
websitecert.pem: Output website certificate file
500: Number of days to sign the certificate with

Hello everyone!

Hello everyone!
This is my blog where i will share everything about computers [linux,windows,android,kernel,openssl,etc]