Basic Authentication in Spring WebClient

In this short post we will see how to setup Basic Authentication in Spring WebClient while invoking external APIs.

Overview

WebClient is a non-blocking HTTP client with fluent functional style API. It is part of Spring Webflux module that was introduced in Spring 5. WebClient replaces the RestTemplate to invoke external APIs with non-blocking.

WebClient provides different ways of injecting HTTP headers, query params etc while making external call. In this example we will check how to specify Basic Authentication in Webclient.

Basic Authentication in WebClient

Until Spring 5.1, basic authentication was setup using a custom ExchangeFilterFunction. This way of setting up Basic auth was only available while creating WebClient since it relies on WebClient filters.

private WebClient client = WebClient.builder()
            .filter(ExchangeFilterFunctions
                .basicAuthentication(username, token))
            .build();

Alternatively if we want to provide the Basic auth while calling the API, we have to set the Authorization header manually which is not great!

webClient.get()
            .uri("/customers")
            .header("Authorization", "Basic " + Base64Utils
                    .encodeToString((username + ":" + token).getBytes(UTF_8)))
            .retrieve()
            .bodyToFlux(String.class);

Thankfully, Spring provided some helper methods to make this easy and consistent in Spring 5.1.

Basic Authentication in Spring 5.1 and above

The above way of setting Basic authentication using custom ExchangeFilterFunction is deprecated in Spring 5.1. A new method setBasicAuth is introduced in HttpHeaders class that can be used to set basic authentication.

Below we set use defaultHeaders in WebClient builder to setup Basic auth while creating WebClient instance:

private WebClient client = WebClient.builder()
            .defaultHeaders(header -> header.setBasicAuth(userName, password))
            .build();

Alternately the basic auth can also be setup while calling any API:

Mono<String> response = client.get()
                    .url("/customers")
                    .headers(headers -> headers.setBasicAuth(userName, password))
                    .retrieve()
                    .bodyToFlux(String.class);

Two variants of setBasicAuth methods are available in HttpHeaders.

void    setBasicAuth(String username, String password)
        //Set the value of the Authorization header to Basic Authentication based on the given username and password.

void    setBasicAuth(String username, String password, Charset charset)
        //Set the value of the Authorization header to Basic Authentication based on the given username and password.

Bonus tip – Setting Bearer Token in WebClient

Similar to Basic Auth, we can also setup the Bearer token in WebClient using new method setBearerAuth in HttpHeaders class:

void    setBearerAuth(String token)
        //Set the value of the Authorization header to the given Bearer token.

The process would be exactly similar to setting up the Basic Auth.

Conclusion

The setBasicAuth method in HttpHeaders class makes it easy setting up basic authentication in WebClient Spring WebFlux. The Basic Auth can be setup while building the WebClient or alternatively during invoking APIs using get(), post() etc.

via ViralPatel.net https://ift.tt/2GzfAyG

Getting Started with GraphQL and Spring Boot

Spring Boot FreeMarker Tutorial with Example

Spring Boot Custom Favicon Example – How to set custom Favicon in Spring Boot

Spring Boot Custom Favicon example – The default Spring Boot configuration provides the default favicon for the web application. If you start a Spring Boot app and requests /favicon.ico url, Spring will serve its default favicon.

It is very easy to provide custom favicon and override Spring’s default one. All you need to do is to put your favicon.ico file in classpath. I would recommend to put custom favicon.ico in /resources/static folder.

Once you put your favicon.ico file under /static folder, Spring will start serving it.

Spring Boot will read favicon.ico from classpath and serves it for all /favicon.ico requests. You might be thinking from where Spring Boot is serving its default green colored favicon?

This default Spring Boot favicon is in spring-boot-x.x.x.RELEASE.jar file. In this example I have used Spring Boot 1.5.7.RELEASE so my spring-boot-1.5.7.RELEASE.jar contains favicon.ico file!

Download – Spring Boot Custom Favicon example

As always the source code is available on Github.

Github – spring-boot-custom-favicon-example

The post Spring Boot Custom Favicon Example – How to set custom Favicon in Spring Boot appeared first on ViralPatel.net.

Related Articles

1. Spring Boot JSP Hello World Tutorial with Example
2. Dynamic unread count Favicon in PHP
3. Spring 3 MVC: Themes in Spring-Tutorial with Example
4. Change spring-servlet.xml Filename (Spring Web Contenxt Configuration Filename)
5. Spring 3 MVC: Create Hello World application in Spring 3.0 MVC
6. Spring 4 MVC Tutorial Maven Example – Spring Java Configuration
7. Spring 3 MVC – Introduction to Spring 3 MVC Framework

via ViralPatel.net http://ift.tt/2xtuJxv

Spring Boot JSP Hello World example

Spring 4 MVC REST Controller Example (JSON CRUD Tutorial)

Spring 4 MVC Tutorial Maven Example – Spring Java Configuration

Spring 4 MVC Tutorial with Eclipse, Maven – Spring 4 MVC is the newer version of our favorite Java MVC framework. A lot has improved in Spring since the Spring 3 MVC. In this tutorial we will create a simple web application from scratch in Eclipse that will use Spring’s latest version 4 MVC framework and Maven configuration. Also we will use Java configuration to configure Spring instead of older XML configuration.

Getting started with Spring 4 MVC Tutorial

1. Create a new Maven project

First things first, we will bootstrap a quick Maven project in Eclipse. Follow these simple steps and create a simple webapplication.

1.1 First in Eclipse go to File -> New and from New project dialog select Maven Project.

1.2 From New Maven Project dialog, leave the options as shown below and press Next.

1.3 Now select the project Archetype from the options. Type “web” in the filter text and select maven-archetype-webapp.

1.4 As shown below, provide the Group Id and Artifact Id. For this example I have given Group Id net.viralpatel.spring and Artifact Id as HelloWorld.

1.5 Once you press Finish, Eclipse should start generating Maven webapp using maven-archetype-webapp. Progress view should show the progress of this step.

New project is created with pom.xml, WebContent folder and src folder.

2. Add Spring 4 MVC Maven dependencies

Project structure is created. Now let’s start and add first the maven dependencies for Spring 4 MVC in our pom.xml file.

Update pom.xml file and add following dependencies.

pom.xml

After updating pom.xml, Eclipse’s maven plugin should start resolving the dependencies.

3. Set Annotation based Configuration for Spring 4 MVC tutorial

For this Spring 4 MVC tutorial we are going to use Spring’s Java based configuration or annotation based configuration instead of old XML configuration. So now lets add the Java Configuration required to bootstrap Spring 4 MVC example in our webapp.

Create AppConfig.java file under /src folder. Give appropriate package name to your file.

/src/main/java/net/viralpatel/spring/config/AppConfig.java

package net.viralpatel.spring.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
import org.springframework.web.servlet.view.JstlView;

@Configuration
@EnableWebMvc
@ComponentScan(basePackages = "net.viralpatel.spring")
public class AppConfig extends WebMvcConfigurerAdapter {
        @Bean
        public ViewResolver viewResolver() {
                InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
                viewResolver.setViewClass(JstlView.class);
                viewResolver.setPrefix("/WEB-INF/views/");
                viewResolver.setSuffix(".jsp");

                return viewResolver;
        }

        @Override
        public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
                configurer.enable();
        }

}

AppConfig class is annotated with Spring’s annotations such as @Configuration, @EnableWebMvc and @ComponentScan.

The @Configuration annotation indicates that the class declares one or more @Bean methods. These methods are invoked at runtime by Spring to manage lifecycle of the beans. In our case we have defined @Bean for view resolver for JSP view.

The @EnableWebMvc is equivalent to <mvc:annotation-driven /> in XML. It enables support for @Controller-annotated classes that use @RequestMapping or @GetMapping to map incoming requests to certain methods.

The @ComponentScan annotation is equivalent to <context:component-scan> in XML. It will scan through the given package and register all the Controllers and beans.

The configureDefaultServletHandling() method is overridden and we enable default servlet handler. This will let other http request such as .css, .js slip through the usual DispatcherServlet and let the container process them. So now we can serve the static files css and javascript from our WebApp folder.

The above Annotation based configuration is equivalent to following XML configuration.

4. Set Servlet 3.X Java Configuration

Create AppInitializer class under config package. This class will replace web.xml and it will map the spring’s dispatcher servlet and bootstrap it.

/src/main/java/net/viralpatel/spring/config/AppInitializer.java

package net.viralpatel.spring.config;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRegistration;

import org.springframework.web.WebApplicationInitializer;
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import org.springframework.web.servlet.DispatcherServlet;

public class AppInitializer implements WebApplicationInitializer {

        public void onStartup(ServletContext container) throws ServletException {

                AnnotationConfigWebApplicationContext ctx = new AnnotationConfigWebApplicationContext();
                ctx.register(AppConfig.class);
                ctx.setServletContext(container);

                ServletRegistration.Dynamic servlet = container.addServlet("dispatcher", new DispatcherServlet(ctx));

                servlet.setLoadOnStartup(1);
                servlet.addMapping("/");
        }

}

We have configured the dispatcher servlet using standard Java based configuration instead of the older web.xml. Thus web.xml is no longer required and we can simply delete it.

5. Create the Controller

Create a sample controller HelloController.java under controller package. This will have a simple hello() method that act as starting point. Notice how we have used @GetMapping annotation provided as part of Spring 4 MVC. This is equivalent to @RequestMapping GET.

/src/main/java/net/viralpatel/spring/controller/HelloController.java

package net.viralpatel.spring.controller;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;

@Controller
public class HelloController {

        @GetMapping("/hello")
        public String hello(Model model) {

                model.addAttribute("name", "John Doe");

                return "welcome";
        }
}

6. Create the View and Stylesheet

6.1 Create welcome.jsp file under WEB-INF/views folder. This will be our primary view file.

/src/main/webapp/WEB-INF/views/welcome.jsp

6.2 Next creat the stylesheet for Spring MVC sample.

/src/main/webapp/resources/css/style.css

body {
        background-color: wheat;
}

That’s All Folks

It’s time to execute the project. In Eclipse you can start Tomcat and run the project inside it. Or you can run the project using Embedded Tomcat using Maven.

Once the application starts successfully, launch the browser and open http://localhost:8080/spring4/hello.

Download Source Code – Spring 4 MVC Tutorial

Source code of this Spring 4 MVC Hello World tutorial is available in Github.

Download – spring4-mvc-example.zip (6.54 KB)

Github – spring4-mvc-example.git

The post Spring 4 MVC Tutorial Maven Example – Spring Java Configuration appeared first on ViralPatel.net.

Related Articles

1. Change spring-servlet.xml Filename (Spring Web Contenxt Configuration Filename)
2. Spring @RequestHeader Annotation example
3. Spring 3 MVC Interceptor tutorial with example
4. Tutorial:Create Spring 3 MVC Hibernate 3 Example using Maven in Eclipse
5. Spring MVC Exception Handling using @ControllerAdvice annotation
6. Spring MVC Cookie example
7. Spring MVC Flash Attribute tutorial with example

via ViralPatel.net http://ift.tt/28Rvh1X

Find Process ID of Process using a Port in Windows

Find Process ID of Process using given port in Windows
Once a while it happens that you try to start Tomcat and it complains “Port 8080 required by Tomcat v7.0 Server at localhost is already in use”. So that means there is already a process running in background that has occupied 8080 port. So how to identify the process in Windows task manager that is using port 8080? I am sure there must be a javaw.exe. But is there a better way to identify which process in windows is using a given port number? Yes…

How to Find Process ID of process that uses a Port in Windows

Our friend netstat will help us in identifying the process. netstat can list the running process and display information such as process id, port, etc. From this list we can filter the processes that has given port using findstr command.

List process by port number

netstat -ano | findstr 8080

Output

Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       29848

• -a – Displays all connections and listening ports.
• -o – Displays the owning process ID associated with each connection.
• -n – Displays addresses and port numbers in numerical form.

We can use netstat to list all the processes.
List all processes by PID

netstat -ano

Kill the Process by PID
Once we identify the process PID, we can kill the process with taskkill command.

taskkill /F /PID 12345

Where /F specifies to forcefully terminate the process(es). Note that you may need an extra permission (run from admin) to kill some certain processes.

Or else you can use our old trusted Windows Task Manager to kill the process for given process id. If PID is not visible in your task manager then you can enable it by Right clicking on table header under Details tab, click Select Columns and then check PID.

The post Find Process ID of Process using a Port in Windows appeared first on ViralPatel.net.

Related Articles

1. Run Multiple Instance of Apache Tomcat in Single Server
2. How to reinstall windows after installing linux
3. Windows 7: How To Set Environment Variable without Admin Access
4. Windows 95 on iPhone 3G!!
5. GMail launched Task list functionality
6. Installing Windows XP with Vista
7. How to Embed Tomcat within Maven Project – Run Tomcat with Maven

via ViralPatel.net http://ift.tt/28ME73T

How to Embed Tomcat within Maven Project – Run Tomcat with Maven

Tomcat is a developers choice container. The most popular and loved Java container that everyone loves because of its simplicity and speed. This can be attributed to the ease of installation and configuration while running a tomcat server. Once the server is installed, it is like piece of cake running it through Eclipse or as a windows service.

Wouldn’t it be great to use tomcat without installing tomcat all together? This is exactly what you can achieve thanks to Maven. Maven has a wonderful plugin tomcat7-maven-plugin that we can use to embed tomcat within our Java web application. The idea is to create standalone web project that can start tomcat server and run on its own. All we need to do is the add following maven plugin in your pom.xml plugins list.

And once this is done all we have to do is to clean build the project using maven.

mvn clean install

And then running maven tomcat7:run goal which will download the dependencies and trigger the tomcat7-maven-plugin.

mvn tomcat7:run

And that’s it. Once we fire this tomcat7:run goal, maven will start its magic. First all related dependencies will be downloaded, the webapp will be compiled and packaged and then tomcat7 maven plugin will deploy the webapp and start the embedded server.

You will have something similar to following.

[INFO] Scanning for projects...
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building HelloWorld Maven Webapp 0.0.1-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] >>> tomcat7-maven-plugin:2.2:run (default-cli) > process-classes @ HelloWorld >>>
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ HelloWorld ---
[INFO] Copying 0 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ HelloWorld ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] <<< tomcat7-maven-plugin:2.2:run (default-cli) < process-classes @ HelloWorld <<<
[INFO] 
[INFO] --- tomcat7-maven-plugin:2.2:run (default-cli) @ HelloWorld ---
[INFO] Running war on http://localhost:8080/HelloWorld
[INFO] Using existing Tomcat server configuration at C:\workspace\test\HelloWorld\target\tomcat
[INFO] create webapp with contextPath: /HelloWorld
Jun 15, 2016 3:10:40 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8080"]
Jun 15, 2016 3:10:40 PM org.apache.catalina.core.StandardService startInternal
INFO: Starting service Tomcat
Jun 15, 2016 3:10:40 PM org.apache.catalina.core.StandardEngine startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.47
Jun 15, 2016 3:10:52 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]

And then just open your web applications link http://localhost:8080/ in your favorite browser.

Change the Port number

By default the embedded tomcat will try to initialize at port 8080. We can change this by passing port number in configuration.

Using different context path

Also, by default the web context for the application will be our maven projects artifact id. We can change the path or web context by setting new path in configuration.

Following is the sample pom.xml for reference.

pom.xml

The post How to Embed Tomcat within Maven Project – Run Tomcat with Maven appeared first on ViralPatel.net.

Related Articles

1. Creating Dynamic Web Project using Maven in Eclipse
2. Run Multiple Instance of Apache Tomcat in Single Server
3. Setting Tomcat Heap Size (JVM Heap) in Eclipse
4. Introduction to Apache Maven: A build framework & build automation tool
5. Maven: How to Remove/Ignore Transitive Dependency
6. Implement LDAP authentication in Tomcat & JBoss server for Java app
7. Database Connection Pooling in Tomcat using Eclipse

via ViralPatel.net http://ift.tt/1VYXqsm

Bootstrap Navbar Menu without JavaScript

Bootstrap Navbar Menu without JavaScript – Bootstrap is getting lot of traction since past few years. While many argue it makes web look plain and similar, it has been boon to non-ui developers. The learning curve is also easy and thus you can make good looking web pages in no time.

Update: For Bootstrap 4 example scroll to the bottom of post.

One of most used component of Bootstrap with Navbar. The navbar menu is responsive and adapts to any screen size. For small devices (mobile) the navbar get collapsed and a burger icon appears which can be used to open/close menu in navbar.

To collapse/uncollapse the menu you have to include bootstrap javascript and jquery javascript in your webpage. Sometime this is a little uncomfortable. Say you have a static webpage without any javascript. If you want to show/hide the navbar menu then you have to include all these javascript files unnecessarily. There must be a way of getting away with javascript and still able to use bootstrap navbar? Well there is. You can make bootstrap navbar hide/show for mobile devices without using javascript. Checkout the following code.

The HTML

<nav class="navbar navbar-default navbar-fixed-top">
  <div class="container">
    <input type="checkbox" id="navbar-toggle-cbox">
    <div class="navbar-header">
      <label for="navbar-toggle-cbox" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
        <span class="sr-only">Toggle navigation</span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
      </label>
      <a class="navbar-brand" href="#">Project name</a>
    </div>
    <div id="navbar" class="navbar-collapse collapse">
      <ul class="nav navbar-nav">
        <li class="active"><a href="#">Home</a></li>
        <li><a href="#about">About</a></li>
      </ul>
    </div>
  </div>
</nav>

The CSS

#navbar-toggle-cbox {
  display:none
}
#navbar-toggle-cbox:checked ~ .collapse {
    display: block;
}

So how does this works? First check the html. We added a checkbox and hide it using CSS. Next we changed the button into label and connect the label to checkbox using for="". So whenever you click the burger menu which act as label for checkbox toggles it state. And as per the state of checkbox we show or hide the content.

Online Demo – Bootstrap Navbar Menu without JavaScript

Below is the demo, click on the burger menu button to toggle navbar menu.

JSFiddle: http://ift.tt/1TU3BNJ

Bootstrap 4 Navbar without JavaScript

You can do the same with Bootstrap v4 which is still in alpha at the time I am writing this. Below is the fiddle preview.

The post Bootstrap Navbar Menu without JavaScript appeared first on ViralPatel.net.

Related Articles

1. How to apply HTML User Interface Effects using jQuery.
2. Dynamically shortened Text with “Show More” link using jQuery
3. CSS Styling Radio Button and Checkboxes
4. Sum HTML Textbox Values using jQuery / JavaScript
5. JQuery Trigger Event on Show/Hide of Element
6. Multiple Checkbox Select/Deselect using jQuery – Tutorial with Example
7. Tutorial: Handle browser events using jQuery JavaScript framework

via ViralPatel.net http://ift.tt/1LXNcjj

How to secure WordPress Admin with HTTPS – Self-signed certificate

A little security is better than no security :D If you are self hosting a wordpress.org blog on some shared server or VPS it is good idea to secure the Admin panel using HTTPS. I have recently enabled this security on this blog by using self signed certificate. Before we dig into details lets check some basics of SSL or HTTPS.

What is SSL?

SSL is the standard for exchanging information securely–via cryptographic encryption–between a website and the browser. SSL is a way to establish a trusted connection between the server and a web browser. Once that relationship is in place the server will encrypt data before transmitting it in a way that only its intended recipient i.e. browser can decrypt it.

This method of security accepts the fact that any data transmitted over the internet can, and likely will be, intercepted at anytime by a hacker or a government agency fishing for information. By sending the data encrypted, we ensure that if anyone but the intended recipient gets the data they will have what is effectively gibberish. Giving them gibberish is preferable to giving them confidential correspondence, private records, credit card numbers or any other private data.

Using SSL requires that your server has a valid SSL certificate installed. An SSL certificate, which must be purchased, tells the browser important details about your sites security. In most browsers, when you go to a secure site, you will see a lock or similar icon in the address bar, showing you details about the SSL certificate.

Once your SSL certificate is installed, when someone visits your website they will be able to access it via secure HTTP, or HTTPS. When we say “using SSL” what we mean is that the exchange of information between the server and browser is happening via the HTTPS protocol instead of the unsecured HTTP protocol. Doing so requires a valid SSL certificate.

What are Self-signed certificates?

As noted earlier in order to secure a website using HTTPS we need an SSL certificate. Usually to build the trust, the SSL certificate is issued from an authority known as Certificate Authority (CA) like Verisign. These CA issued certificates are also known as signed certificates. As they are usally issued by verifing the domain authority and business. Depending upon which CA is used, the domain is verified and a certificate is issued. Verisign and other more trusted CAs will verify the existence of the business in question and the ownership of the domain to provide a bit more security that the site in question is legitimate.

Due to all these varification steps, the signed certificates are not free. You have to pay a yearly fee to get a signed certificate from CA. To avoid this, self signed certificate can be utilized. Self signed certificates are exactly similar to signed one in terms of security. The only difference is that user will see a warning in most mordern browsers if the site they are visiting is signed using self-signed certificate. So self signed certificate are best suited from test servers, Intranet applications or admin consoles for self hosted wordpress.

How to create Self-signed certificates?

First step to secure your wordpress admin panel using HTTPS is creating a self-signed certificate. There are number of tools you can use to generate certificates (openssl, Java keytool, Adobe Reader, Apple keychain). We will stick to the most common tool available on linux flavors like Ubuntu – openssl. Let’s get started.

Step 1: Verifiy is Openssl is installed

First check if openssl is available. Run following command and see if it gives openssl folder.

$ which openssl
/usr/bin/openssl

If openssl is not available then install the same using apt-get:

$ apt-get install openssl

We have openssl installed so lets proceed with other steps.

Step 2: Generate an RSA private key

First generate RSA private key using openssl. This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.

$ openssl genrsa -des3 -passout pass:x -out server.key 1024
Generating RSA private key, 1024 bit long modulus
...++++++
....++++++
e is 65537 (0x10001)
$ 

Private key is generated in file server.key.

Step 3: Remove Passphrase from server key

We need to remove the Passphrase from the server key. Otherwise everytime when Apache server will restart we have to enter this key. Its better we remove the passphrase key.
First create copy of server.key file.

$ cp server.key server.key.out

Next remove the passphrase key and overwrite it on server.key.

$ openssl rsa -passin pass:x -in server.key.out  -out server.key
writing RSA key

Remove temporary file server.key.out

$ rm server.key.out

Now all we have left with is a server.key without any passphrase.

Step 4: Generate a CSR (Certificate Signing Request)

Let’s now generate a CSR file which we later use to create certificate. The CSR is used in one of two ways. Ideally, the CSR will be sent to a Certificate Authority, such as Verisign who will verify the identity of the requestor and issue a signed certificate. The second option is to self-sign the CSR, which will be demonstrated in the next section.

$ openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Karnataka
Locality Name (eg, city) []:Bangalore
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ViralPatel.net
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:viralpatel.net
Email Address []:viralpatel.net@gmail.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: 
An optional company name []:

Step 5: Generate SSL self signed certificate

Let us generate the certificate using CSR and private key we created earlier.

$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok 
subject=/C=IN/ST=Karnataka/L=Bangalore/O=http://ift.tt/1dfuIzm
Getting Private key

Now we should have 3 files present in current directory.

$ ls 
server.crt  server.csr  server.key

server.crt is the self-signed certificate and server.key is the private key.

Securing WordPress Admin with HTTPS

We can now install it in Apache and configure wordpress to use it.

Step 1: Moving the certificates to apache folder

Copy the newly created certificate and private key file in Apache’s SSL configuration.

$ cp server.crt /usr/local/apache/conf/ssl.crt
$ cp server.key /usr/local/apache/conf/ssl.key

for Ubuntu

$ cp server.crt /etc/ssl/certs/ssl.crt
$ cp server.key /etc/ssl/private/ssl.key

Step 2: Configure Apache to use SSL certificate

Let us enable the Apache’s SSL module and default-ssl site.

$ sudo a2enmod ssl
$ sudo a2ensite default-ssl
$ sudo service apache2 restart

Once you do that you will see /etc/apache2/sites-available/default-ssl file available in apache. Open the file and check if DocumentRoot is pointing to corrrect root.

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/<user>/public_html/ 
        <Directory />
                Options FollowSymLinks 
                AllowOverride None
        </Directory> 

Almost done. Now enable wordpress SSL configuration for Admin.

Open wp-config.php file from your wordpress installation folder. And add following line.

define(‘FORCE_SSL_ADMIN’, true);

Step 3 – Test your SSL Setup

Open your website in a your favorite web browser. If everything goes well, you’ll see a warning saying the certificate is not verified.

Accept the certificate exception. But before accepting it verify the SHA/MD5 fingerprints to make sure its yours.

That’s it. Your WordPress Admin dashboard is secured using HTTPS and self-signed certificate.

The post How to secure WordPress Admin with HTTPS – Self-signed certificate appeared first on ViralPatel.net.

Related Articles

1. Save Webserver Space by turning off Image Thumbnails in WordPress
2. How to Disable Post Revision History or Version Tracking in WordPress
3. WordPress Tip: Insert Content automatically after each Post in wordpress
4. WordPress 2.9 is out. Get your copy now
5. Java MD5 Hashing & Salting: Secure Your Passwords
6. Say Hello to WordPress 3.0!
7. WordPress – Allow Contributors to Add / Upload Media

via ViralPatel.net http://ift.tt/1QPpwVw