A client error (MalformedCertificate) occurred when calling the UploadServerCertificate operation: java.lang.ClassCastException: org.bouncycastle.openssl.PEMEncryptedKeyPair cannot be cast to org.bouncycastle.openssl.PEMKeyPair

While trying to upload ssl certificate I got below issue:

I used following command to upload ssl certificate to aws:

aws iam upload-server-certificate --server-certificate-name MysiteCertificate --certificate-body file://home/guest/Downloads/mysite/public.crt --private-key file://home/guest/Downloads/mysite/private.key --certificate-chain file://home/guest/Downloads/mysite/intermediate.pem

Output:

A client error (MalformedCertificate) occurred when calling the UploadServerCertificate operation: java.lang.ClassCastException: org.bouncycastle.openssl.PEMEncryptedKeyPair cannot be cast to org.bouncycastle.openssl.PEMKeyPair

To fix above issue first run below command:

openssl rsa -in private.key -text > private.key.new

Now try to upload ssl certificate with private.key.new instead of private.key

aws iam upload-server-certificate --server-certificate-name MysiteCertificate --certificate-body file://home/guest/Downloads/mysite/public.crt --private-key file://home/guest/Downloads/mysite/private.key.new --certificate-chain file://home/guest/Downloads/mysite/intermediate.pem

Amazon Web Services – A client error (MalformedCertificate) occurred when calling the UploadServerCertificate operation: Unable to parse certificate. Please ensure the certificate is in PEM format

While I am trying to upload ssl certificate with aws cli got error saying MalformedCertificate

I used following command to upload ssl certificate:

aws iam upload-server-certificate --server-certificate-name MysiteCertificate --certificate-body public.crt --private-key private.key --certificate-chain intermediate.pem

Output:
A client error (MalformedCertificate) occurred when calling the UploadServerCertificate operation: Unable to parse certificate. Please ensure the certificate is in PEM format.

After debugging for a while adding file:// before file name is solved issue & below is the command that worked for me:

aws iam upload-server-certificate --server-certificate-name MysiteCertificate --certificate-body file://home/guest/Downloads/mysite/public.crt --private-key file://home/guest/Downloads/mysite/private.key --certificate-chain file://home/guest/Downloads/mysite/intermediate.pem

Python reverse a string with slicing

 

In python there is no direct function to reverse a string, to reverse a string we need to use slicing.

A slice extracts elements based on a start.
An extended slice extracts elements based on start and stop with step/stride.

Some examples of slicing:

>>> values="abcdefg"
>>> values[1:3]
'bc'
>>> values[2:-1]
'cdef'
>>> values[:2]
'ab'
>>> values[2:]
'cdefg'
>>> values[::2]
'aceg'
>>> values[::-1]
'gfedcba'

Slicing can be used for strings, lists, tuples, arrays and custom data structures as well.

If you observer above example the last slice values[::-1] is printing reverse string where we are using extended slicing.

>>> values[::-1]
'gfedcba'
>>> 'xyz'[::-1]
'xyz'

Syntax of extended slice:

[begin:end:step]

In our example by leaving begin and end off and specifying a step of -1 will reverses a string.

Python – check if value/variable is integer

 

By using is isinstance(var, type) function we can check a given value/variable is integer or not. isinstance will either written True or False.

Here is and an example:

>>> isinstance(10, int)
True
>>> var_a=10
>>> isinstance(var_a, int)
True
>>> isinstance('a', int)
False

To check if variable is a number use following example:

>>> isinstance(1.0, (int, long, float))
True

Python – Get epoch time stamp in milliseconds

To get epoch time stamp in Python we need to time.time() function.

time.time() will returns a float value with double precision counting seconds since epoch and to convert it to milliseconds multiply it with 1000.

With below example code I will show how to get epoch time stamp in milliseconds:

>>> import time
>>> time.time()
1417778138.893148
>>> int(time.time() * 1000)
1417778323455

In above example int(time.time() * 1000) will return epoch time in milliseconds.

Ansible – disable gather facts

 

When we execute an ansible playbook by default it will gather facts of operating system first and then execute tasks listed in it.

Its always not required to gather facts & if we have too many hosts it will take more time to execute a playbook.

To mitigate this we need to disable gather facts with “gather_facts” attribute in ansible playbook.

By default gather_facts attributes value is True, to disable it we need to set it as False.

gather_facts: False

Here is my play book example with gather_facts: False

---
- hosts: all
  gather_facts: False
  tasks:
    - name: Hello
      shell: "echo hello"
      tags:
         - hello

    - name: Bye
      shell: "echo bye"
      tags:
         - bye

After updating gather_facts: False in playbook if we execute, it will skip collecting facts and directly execute tasks listed.

Ansible tags

 

To run specific part or exclude specific part in a playbook we an use tags attrubute.

Here is my example playbook with name tags_example.yml:

---
- hosts: all
  tasks:
    - name: Hello
      shell: "echo hello"
      tags:
         - hello

    - name: Bye
      shell: "echo bye"
      tags:
         - bye

In above playbook we have two tasks Hello and Bye with tags hello and bye tags respectively.

To execute above playbook use following command:

$ ansible-playbook yml/tags_example.yml

Above command will execute both tasks Hello and Bye respectively.

Now lets see how to execute specific part of play book.

We can use --tags "<tagName>" argument with ansible-playbook to execute only specific tasks and use --skip-tasks "<tagName>" to skip specific tasks from execution.

To execute all tasks with hello tag use following command:

$ ansible-playbook yml/tags_example.yml --tags "hello"

To skip all tasks with hello tag use following command:

$ ansible-playbook yml/tags_example.yml --skip-tags "hello"

To execute multiple tags use following command:

$ ansible-playbook yml/tags_example.yml --tags "hello,bye"

To skip multiple tags use following command:

$ ansible-playbook yml/tags_example.yml --skip-tags "hello,bye"

I hope this will helps to understand tags concept in Ansible.

bash – get previous command status

 

To get previous command status in bash use “$?” variable.

echo $? will return zero if previous command is success & if its non zero it indicates failure.

Example:

$ ls ; echo $?

Output of the above command is list of files, directories and next line it will return number.

We can use condition for check if previous command is success or failure:

any_command
if [ $? -eq 0 ] 
then
    echo SUCCESS
else
    echo FAIL
fi

Ansible – Create user with password in Ubuntu/Linux

Ansible is an open-source software platform for configuring and managing computers.

In this article I will explain how to create new user with password.

Ansible has a user module to create a user. You can refer user module docs for more details.

I would like to create a user with name “guest” and password “guest123″.

Ansible will take only encrypted password as input password i.e, if we give passowrd as “guest123″ it will decrypt the given password and set, obviosely if we decrypt “guest123″ it wont be same as “guest123″.

After deciding username and password generate encrypted password:

python -c ‘import crypt; print crypt.crypt(“guest123″, “guest”)’

Output:

gu2KmqcJp0Yyo

In above example I using guest as key to encrypt the password.

After creating password add following code in ansible-playbook:


---
- hosts: yourhostname
  user: root
  sudo: no

  #Define user and password variables
  vars:
    # created with:
    # python -c 'python -c 'import crypt; print crypt.crypt("guest123", "guest")'
    password : gu2KmqcJp0Yyo
    user : guest

  # Define task to add user
  tasks:
    - name: add user
      action: user name={{ user }} password={{ password }} update_password=always 
                   shell=/bin/bash home=/home/{{ user }}
      tags:
        - user

After updating code run above playbook and it will create new user with given password.