key_buffer deprecated in MySQL

Warning message during MySQL startup

[Warning] Using unique option prefix key_buffer instead of \
key_buffer_size is deprecated and will be removed in a future release. \
Please use the full name instead.

Modify /etc/mysql/my.cnf

key_buffer_size         = 16M

Install cn=monitor on Ubuntu 14.04 LTS

Here are some notes how I install cn=monitor v3.2.1 on Ubuntu 14.04 LTS
Tribut to Andreas Andersson for a great job http://cnmonitor.sourceforge.net/
Please refer to ”CN=Monitor 3.2.1.pdf” for more information.

Prereq is a ”vanilla” Ubuntu 14.04 LTS server

Install LDAP client

$ sudo apt-get install ldap-utils

$ dpkg --get-selections | grep ldap
ldap-utils		install
libldap-2.4-2:amd64	install

Avoid common name validation in certificates for LDAPS

$ vi /etc/ldap/ldap.conf
TLS_REQCERT  never

Install Apache2

$ sudo apt-get install apache2

Install PHP:

$ sudo apt-get install php5 php5-cli php5-ldap

$ dpkg --get-selections | grep php
libapache2-mod-php5     install
php5                    install
php5-cli                install
php5-common             install
php5-json               install
php5-ldap               install
php5-readline           install

Install MySQL:

$ sudo apt-get install mysql-server mysql-client php5-mysql

$ dpkg --get-selections | grep php
libapache2-mod-php5     install
php5                    install
php5-cli                install
php5-common             install
php5-json               install
php5-ldap               install
php5-mysql              install
php5-readline           install

key_buffer_size-depricated

Unzip cnmonitor-3.2.1-1.zip in /usr/share

$ sudo unzip cnmonitor-3.2.1-1.zip -d /usr/share

Install database schema

$ mysql -u root -p < /usr/share/cnmonitor/sql/mysql.sql

Restart Apache Web server

$ sudo service apache2 restart

Move config directory to /etc, create symbolic link and set file permissions:

$ sudo mv /usr/share/cnmonitor/config /etc/cnmonitor
$ sudo ln -s /etc/cnmonitor /usr/share/cnmonitor/config 
$ sudo chown -R root:www-data /etc/cnmonitor
$ sudo chmod -R 650 /etc/cnmonitor
$ sudo chmod -R +x /usr/share/cnmonitor/bin

Copy cnmonitor.conf to conf-available directory

$ sudo cp /usr/share/cnmonitor/conf/httpd/cnmonitor.conf /etc/apache2/conf-available/.

Enable cnmonitor configuration in Apache Web server

$ sudo a2enconf cnmonitor

Activate the new configuration

$ sudo service apache2 reload

Configure cn=monitor

Please refer to section ”5. Configuration” in CN=Monitor 3.2.1.pdf

Openssl, s_client

Retrieve and parse certificate from server

$ echo | openssl s_client -connect servername:443 \
| openssl x509 -noout -text
 openssl s_client -CAfile ./CAcert.pem -connect servername:1636 -ssl3
 openssl s_client -connect servername:1636 -cert clientcert.cer -certform DER -key clientkey.key

Parse an ASN.1 sequence.

$ openssl asn1parse -inform DER -in sample.cer -dump
Publicerat i PKI