Author: rech

Turns out software is the easy part, IP reputation is the boss.
Context: I’ve set up a mail server on VPS and it’s pretty tiring to deal with the mail server blocking my mail.
(more…)

The merged PR in question: userdb: add birthDate field to JSON user records

PR description:
Stores the user’s birth date for age verification, as required by recent laws
in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc.

Related PR or as in, you know what is coming:
(more…)

Create CA secret key

openssl genrsa -aes256 -out ca.key 2048

Create CA cert

openssl req -new -x509 -nodes -days 365000 -key ca.key -out ca.crt

Create secret key and certificate request

openssl req -newkey rsa:2048 -days 365000 -nodes -keyout server.key -out server.csr

To have alternative hostname

openssl req -newkey rsa:2048 -days 365000 -nodes -keyout server.key -out server.csr -addext "subjectAltName=DNS:example.com,DNS:www.example.com"

Complete certificate request

openssl x509 -req -in server.csr -days 365000 -CA ca.crt -CAkey ca.key -copy_extensions copy -out server.crt

Create more requests with existing server key (adding new alt name for example)

openssl req -key server.key -out server.csr -addext "subjectAltName=DNS:example.com,DNS:www.example.com,DNS:manage.example.com"

Was configuring a WireGuard interface to be solely for split-tunneling qBittorrent and it took me a day to figure out how to actually set it up 💔
(more…)