Creating a self signed cert for development

Recently I making some enhancements with set of REST api services. To verify that my changes worked as expected I used the tool Advanced REST client Chrome extension to make calls against the end points. The tool is not only useful for making calls against REST endpoint but can be use to place any type of HTTP request where you need to set the headers or other aspects of an HTTP request. A nice complement to the Chrome Developer Tools. However I encountered and issue while attempting the connect to the service running on my local machine. Specifically the issue had to do with the fact that The X.509 certificate I was using was invalid. This came as no surprise to me as I created the certificate just to test the ssl connection with little care for if it was valid or not. Although Chrome allow you to make an exception in such cases where it encounters an invalid certificate there appears to be no way to get around the issue in the Advanced REST client. To be able to use the client meant that I would have to create a self signed certificate and use it to sign a certificate that will be stored in a java keystore used by tomcat. What follows is the steps I took to do just that.

Step 1: First using openssl create the server private key that will be used to sign the service

openssl genrsa -aes128 -out server.key 2048

Step 2: create the server csr (Certificate Signing Request)

openssl req -new -key server.key -out server.csr

Step 3: Remove the passphrasse from the key (Optional)

cp server.key
openssl rsa -in -out server.key

Step 4: Generate the self signed certificate

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 5: Create a keypair for ‘tomcat’

keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks

Step 6: Generate a CSR (Certificate Signing Request) for tomcat

keytool -keystore keystore.jks -alias tomcat -certreq -file tomcat.csr

Step 7: Create unique serial number

echo 02 > serial.txt

Step 8: Sign the tomcat CSR

openssl x509 -CA server.crt -CAkey server.key -CAserial serial.txt -req -in tomcat.csr -out tomcat.cer -days 365

Step 9: Import the server CA certificate into the keystore

keytool -import -alias serverCA -file server.crt -keystore keystore.jks

Step 10: Add the tomcat certificate to the keystore

keytool -import -alias tomcat -file tomcat.cer -keystore keystore.jks


For more information on creating a Java Keytool Self Signed Certificate, see the following links:

Adding Git commit information to java jar manifest using Gradle

Keeping track information used to build a package deployed in a production environment can very useful when trying to identify unwanted issues that may occur in that environment. Recently I was working on a java project managed using a git repository and built using gradle and wanted to have commit information, build time, etc. along side the package.

mkdir myproject
cd myproject
gradle init --type java-library
git init .
echo ".gradle" > .gitignore
git add .
git commit -m "Inital commit"

After doing a bit of digging around on the web I was able to find a the gradle-git plugin I then used to help me to retrieve the information I wanted from the git repo. To configure the plugin in my gradle build file I added the following changes.

buildscript {
repositories {
dependencies {
classpath 'org.ajoberstar:gradle-git:1.4.2'

apply plugin: ‘org.ajoberstar.grgit’

description = “sample project”
version = “1.0”

import org.ajoberstar.grgit.*
def repo =‘.’)
jar {
manifest {
attributes(“Built-By”: System.getProperty(“”))
attributes([“Specification-Title”: project.description,
“Specification-Version”: version,
“Implementation-Version”: 1,
“Implementation-Vendor” :”My Organization”,
“Implementation-Timestamp”: new Date().format(“yyyy-MM-dd’T’HH:mm:ssZ”),
“Git-Commit”: repo.head().getAbbreviatedId(8),
“Git-Branch”: repo.branch.getCurrent().getName() ], common”)
from sourceSets.main.output


Once all the changes were applied to the build.gradle file I ran the following command to build the project.

./gradlew build

To verify that the all information was added to the manifest file after it was built I then executed the following command.

cat build/tmp/jar/MANIFEST.MF


Manifest-Version: 1.0
Built-By: amir

Name: common
Specification-Title: sample project
Specification-Version: 1.0
Implementation-Title: sample-gradle-git
Implementation-Version: 1
Implementation-Vendor: Some Organization
Implementation-Timestamp: 2016-03-10T18:30:19-0500
Git-Commit: e5957e11
Git-Branch: master

Check to sample project on github.

Redirect port 80 and 8443 to 443 to 8443 using iptables

I have a Tomcat webapp that I work with that does not like having 8080 and 8443 in the url. To get around this I’ve always setup an apache with mod_jk to proxy request. However I found this very cumbersome and need a simpler way to setup the project running on tomcat without having to setup apache as well. To get around this problem I found a set of Iptables rules that redirected the port 80 to 8080 and port 443 to 8443.

sudo iptables -t nat -i eth0 -D PREROUTING -j REDIRECT -p tcp --destination-port 443 --to-ports 8443
sudo iptables -t nat -A OUTPUT -o lo -p tcp --dport 80 -j REDIRECT --to-port 8080
sudo iptables -A FORWARD -p tcp --destination-port 80 -j ACCEPT
sudo iptables -t nat -A OUTPUT -o lo -p tcp --dport 443 -j REDIRECT --to-port 8443

What lurks in the heavens above

I stumbled upon this amazing video by Scott Manly that shows the Asteroid Discovery from 1980 – 2012. What’s really amazing to me is that in spite of all the rocks floating around in space we spared from the brunt of a major impact. The question is “for how long?” Hope you enjoy the video below.

Importing a tab delimited file with sqlite

I thought I’d share my experience with importing the a tab delimited file into an sqlite db as documentation on how to do so is not that easy to find on the web.

In my example I will be importing the US Census ZIP Code Tabulation Area file for 2010. Once you’ve downloaded the file unzip then create the sqlite db and then you’re ready to perform data import. The code block below contains the series of commands which I perform.

cat Gaz_zcta_national.txt | tail -n +2 > Gaz_zcta_national.csv
sqlite3 zcta.db
CREATE TABLE IF NOT EXISTS zcta(geoid text primary key, population integer, housingunitcnt integer, land_area_metric real, water_area_metric real, land_area_eng real, water_area_eng real, lat real, lng real);
.mode csv
.separator "t"
.import Gaz_zcta_national.txt zcta
select * from zcta;