Blog / Security

Generate random passwords on Linux with the "pwgen" command

February 26, 2017


With the recent Cloudflare hack ("CloudBleed"), I currently find myself resetting a bunch of passwords.

I tend to use very random passwords for most of my accounts, where each account uses a different random password. Thankfully, with tools like pwgen this is very quick and easy to do. Before using pwgen, I would normally go to a site like random.org to generate random passwords.

Using `pwgen` is very simple, just install it and type ...

Automatically generating and renewing Let's Encrypt SSL certificates with the certbot client and Ansible

August 11, 2016

I just finished updating my ansible-django-stack project and added tasks to automatically issue a Let's Encrypt SSL certificate and set up a cron job to auto-renew the certificate.

We're now using it for all our Shopify apps which are built in Django. Let's Encrypt certificates are only valid for 90 days, so if you have a bunch of web apps like we do and have more planned in the future, automating this ...

Generating free trusted SSL certificates with Let's Encrypt

July 19, 2016

I've always hated the idea of having to pay for SSL certificates. You could always generate them yourself for free with OpenSSL and they're just as secure as the paid ones. But if you're running a public-facing website, you're pretty much stuck and have to pay for one if you don't want your visitors seeing security warnings in their browser. At least that was the case until Let's Encrypt ...

Certificate verify failure with version 2015.9.6.2 of the certifi package

October 12, 2015

I just spent the past hour trying to troubleshoot this error message I was getting from the requests package when communicating with the MailChimp API:

SSLError: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

I just provisioned a production server running Ubuntu 14.04 x64 for a new Django project and had been pulling my hair out trying to figure out why it was throwing this error when our stage ...

Older