Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Apache2 SSL self-signed help
New Posts  All Forums:Forum Nav:

Apache2 SSL self-signed help

post #1 of 21
Thread Starter 
I am working on an owncloud server running on an Ubuntu 14.04 server.

I have never made an apache server before so it's a steep learning curve. Right now I am trying to get SSL working. Eventually the server will be made public, however right now it's just inside my network.

These are the steps I have completed:
Code:
sudo a2enmod ssl
sudo a2ensite default-ssl
sudo service apache2 reload

Is there any problem with leaving it like that? I believe this is using the default snakeoil cert and key. (which tbh means nothing to me)

Or should I change that and create my own seperate signed cert? If so, how?

And how do I force SSL? Right now it runs as http:// unless I specify https:// in the URL.

Appreciate any help! Thanks!
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
post #2 of 21
Thread Starter 
I found a way to force SSL. I added the following to /etc/apache2/sites-enabled/000-default.conf :
Code:
ServerName 192.168.xxx.xxx
Redirect permanent / https://192.168.xxx.xxx/

Seems to have worked. Still need help with the SSL certificate stuff though, not sure if I should leave it like that or create a separate certificate or how to do that. Thanks in advance!
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
post #3 of 21
A quick cheatsheet I'd recommend:
  • Create a self signed cert (snake oil isn't secure):
    Code:
    # replace "test" with your OwnCloud's domain name.
    domain=test; openssl req -x509 -newkey rsa:2048 -keyout $domain.key -out $domain.pem -days 1095 -nodes
    
  • install your public key both on the server and on any desktops you're likely to use OwnCloud on (this will mean you will get a warning in the unlikely scenario that someone tries to MITM you with their own self signed. It will also remove those annoying warnings that browsers give with self signed certs)
  • Change your SSL config to follow secure best practices (eg disabling SSL). The following is a good guide:
    https://wiki.mozilla.org/Security/Server_Side_TLS#Apache
    Don't forget to include a ciphersuite (https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility), use either Modern or Intermediate.
  • Add a 301 redirect from port 80 (HTTP) to HTTPS:// within your OwnCloud root folders .htaccess file:
    http://www.besthostratings.com/articles/force-ssl-htaccess.html

That should get your SSL config up to a strong security standard (bar the self signed cert, but there are services available which can give you a free SSL cert however I've not used them so cannot advise there).

Next lets just tidy up a few information leaks in Apache and PHP:
http://ask.xmodulo.com/turn-off-server-signature-apache-web-server.html
Note that this doesn't make your server more secure, but there's generally no good reason to leak this information anyway so it makes more sense to turn it off.

Lastly, if SSH on this box enabled and accessible from the internet? If so, then you need to secure that too:
https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-12-04
post #4 of 21
Thread Starter 
Thank you Plan9 for your assistance.

For creating the certificate/key, would this be a better choice? :
Code:
openssl req -new -sha256 -x509 -nodes -days 1095 -out your.website.net.pem -keyout your.website.net.key

Not sure what rsa:2048 does or if I should add it or not.

Right now the server is only accessed via 192.168.xxx.xxx so if I create an ssl certificate, I would have to recreate a new one once I open it to public to have the proper domain name?

To enforce HTTPS, is my method in post #2 a good choice or should I do it in the way you posted?

I found this posted online:
Quote:
Note that you do not have to use mod_rewrite here as Owncloud sets the HSTS header, so browsers will automatically prefix all requests with https after the first visit.

Not sure exactly what they're getting at. Thanks
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
post #5 of 21
Quote:
Originally Posted by CrazyDiamond View Post

Thank you Plan9 for your assistance.

For creating the certificate/key, would this be a better choice? :
Code:
openssl req -new -sha256 -x509 -nodes -days 1095 -out your.website.net.pem -keyout your.website.net.key

Not sure what rsa:2048 does or if I should add it or not.
That's the length of your encryption key. I believe 1024 bits is OpenSSL's default (and lowest RSA supports), but it's also in the process of being deprecated as it's not regarded as being secure enough on modern systems (Since anything that has been encrypted can be decrypted. It means that the strength of encryption cyphers are judged by the computational time required. So as computer hardware gets more powerful, so does the length of encryption keys).

So I would recommend you use my example as that forces generation of 2048 bit keys.

Quote:
Originally Posted by CrazyDiamond View Post

Right now the server is only accessed via 192.168.xxx.xxx so if I create an ssl certificate, I would have to recreate a new one once I open it to public to have the proper domain name?
Weirdly, the answer to that is both yes and no. You can use the same old cert, but you'd get those annoying "invalid certificate" warnings. However you'd get them anyway with a self signed cert (assuming you don't install that on your clients machine (as I mentioned in bullet 2 in my previous post). You can also create certificates with multiple domain names so both your LAN IP and WAN domain name would be included (these are called SAN certificates).

Personally though, I'd recommend you do regenerate the cert as you're only using self signed certs at the moment anyway.
Quote:
Originally Posted by CrazyDiamond View Post

To enforce HTTPS, is my method in post #2 a good choice or should I do it in the way you posted?

I found this posted online:
Not sure exactly what they're getting at. Thanks
HSTS (HTTP Strict Transport Security) is a HTTP header that browsers read and go "Ohhh, this is meant to be secure, I better switch to SSL". Personally I'd recommend also using the 301 redirect just to guarantee that your browser will force HTTPS regardless of it's support for HSTS (which should be pretty universal these days).

Ultimately, having an additional 301 wouldn't cause security issues, but not having a 301 might cause traffic to run over HTTP in very rare circumstances. So you lose nothing adding it.
post #6 of 21
Thread Starter 
Quote:
install your public key both on the server and on any desktops you're likely to use OwnCloud on (this will mean you will get a warning in the unlikely scenario that someone tries to MITM you with their own self signed. It will also remove those annoying warnings that browsers give with self signed certs)

How do I do this? And would it be foolish to distribute this public key freely? As in if I was to provide it via download for all the clients who were going to use/connect to the server?
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
Hellbringer
(15 items)
 
Guardian
(9 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7-6700K Skylake ASUS MAXIMUS VIII HERO SAPPHIRE 100311-2SR Radeon HD 6970 2GB GDDR5 G.SKILL Trident Z 16GB (2x8GB) DDR4 3200MHz 14-... 
Hard DriveHard DriveOptical DriveCooling
Samsung 950 Pro 512GB PCIe M.2 SSD WD Black 2TB 7200RPM SATAIII HDD ASUS Zen OpticalDrive USB G.Skill Turbulence II RAM Fan 
OSMonitorKeyboardPower
Microsoft Windows 10 Home Premium 64-bit Samsung BX2350 23" 1080p 2ms LED backlit S.T.R.I.K.E. 7 EVGA SuperNova G2 1000W Modular Power Supply 
CaseMouseAudio
Thermaltake Core P5 Open-Air Chassis Saitek Cyborg R.A.T. 7 The Infection Logitech Z5500 5.1 Surround 
  hide details  
Reply
post #7 of 21
Quote:
Originally Posted by CrazyDiamond View Post

How do I do this? And would it be foolish to distribute this public key freely? As in if I was to provide it via download for all the clients who were going to use/connect to the server?

Public keys (or certificate, to be more accurate. I shouldn't have called them a "public key" in my earlier post. Sorry for the confusion there) are public anyway. In fact they're downloaded by your browser every time you hit a HTTPS website. So there's no danger in providing them via other means. However it is vitally important that you keep your PRIVATE key(s) secure (ie only keep them on your web server).

As for how you install the certificate on the clients PC, if they're running Windows then I'm afraid I haven't a clue. I don't run Windows.
post #8 of 21
Quote:
Originally Posted by Plan9 View Post

Public keys (or certificate, to be more accurate. I shouldn't have called them a "public key" in my earlier post. Sorry for the confusion there) are public anyway. In fact they're downloaded by your browser every time you hit a HTTPS website. So there's no danger in providing them via other means. However it is vitally important that you keep your PRIVATE key(s) secure (ie only keep them on your web server).

As for how you install the certificate on the clients PC, if they're running Windows then I'm afraid I haven't a clue. I don't run Windows.

For Windows, you need the root (which will just be the self-signed cert itself as it is its own root) in any format that Windows supports. The PEM format you get out of OpenSSL is fine - save that from the browser (or copy it to a PEM file from the terminal), then double click it in Windows and click install - you will need to install it to the "Trusted Root Certification Authorities" store, automatic selection will not work.

This only works for browsers trusting the Windows store. Firefox does not use this store and will need to be installed into its own certificate store.

Also just to be clear, while self signed certificates will let you include non TLD domains and IP addresses, you cannot do this anymore with public authorities if you ever decide to purchase a certificate.
Quote:
Originally Posted by Plan9 View Post

That's the length of your encryption key. I believe 1024 bits is OpenSSL's default (and lowest RSA supports), but it's also in the process of being deprecated as it's not regarded as being secure enough on modern systems (Since anything that has been encrypted can be decrypted. It means that the strength of encryption cyphers are judged by the computational time required. So as computer hardware gets more powerful, so does the length of encryption keys).

So I would recommend you use my example as that forces generation of 2048 bit keys.
Weirdly, the answer to that is both yes and no. You can use the same old cert, but you'd get those annoying "invalid certificate" warnings. However you'd get them anyway with a self signed cert (assuming you don't install that on your clients machine (as I mentioned in bullet 2 in my previous post). You can also create certificates with multiple domain names so both your LAN IP and WAN domain name would be included (these are called SAN certificates).

Personally though, I'd recommend you do regenerate the cert as you're only using self signed certs at the moment anyway.
HSTS (HTTP Strict Transport Security) is a HTTP header that browsers read and go "Ohhh, this is meant to be secure, I better switch to SSL". Personally I'd recommend also using the 301 redirect just to guarantee that your browser will force HTTPS regardless of it's support for HSTS (which should be pretty universal these days).

Ultimately, having an additional 301 wouldn't cause security issues, but not having a 301 might cause traffic to run over HTTP in very rare circumstances. So you lose nothing adding it.

The way I do it is have HSTS enabled, but keep the port 80 listener as a redirect only, i.e. it serves no content - this way even if some how the redirect and HSTS fails (basically impossible!) your application isn't being served over HTTP anyway so you get a big fat piss off page smile.gif
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #9 of 21
Quote:
Originally Posted by tompsonn View Post

The way I do it is have HSTS enabled, but keep the port 80 listener as a redirect only, i.e. it serves no content - this way even if some how the redirect and HSTS fails (basically impossible!) your application isn't being served over HTTP anyway so you get a big fat piss off page smile.gif

Yeah, that's what I was saying wrt 301
post #10 of 21
Quote:
Originally Posted by Plan9 View Post

Yeah, that's what I was saying wrt 301

party.gif
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Linux, Unix
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Apache2 SSL self-signed help