Category Archives: Tutorial

ACME DNS-01 basic Autorenewing Script for txt records on dns.he.net

Options are limited when you want to generate a free Let’s Encrypt SSL certificate using WIN-ACME and you can not or do not want to publish verification files on the server – especially if you want the certificates to be auto-renewed. Also, I must mention that the SSL is for a wildcard domain.

I have domain records hosted on dns.he.net (Hurricane Electric) which is a free dynamic DNS provider and it has been very reliable for – I don’t even remember how many years. My aim is to generate a Let’s Encrypt SSL certificate and enable auto-renewal using DNS-01 verification from a script.

I should indicate that I am doing this on a Windows 2012 server machine not a linux machine.

First we will create a TXT record on HE portal, lower the time to live value and set the record type as dynamic.

Adding TXT Record on HE.NET for acme-challenge.

Once that is done, we will click on the refresh icon to setup our secret key which is used to authenticate valid requests.

Press the refresh/renew icon.
Type your desired key and click on Submit.

Now we will work on the server to create a very basic BAT script file.

@echo off
curl -4 "http://%1:Abcdef12345@dyn.dns.he.net/nic/update?hostname=%2&txt=%3"

Also, we will download curl from https://curl.se/windows/ and extract the contents to the root of the folder where we will keep our script file. I will probably be okay with the hardcoded secret key in the script as I have only 2 domains and I will use same key on both. If you have multiple domains then you may have to improvise on this part. I will not bother as it is okay for my needs.

Now it’s time to run the wacs.exe application and when it will ask for the domain validation method, I will select option 8 (at the time of writing this) which is the verification using your own script. When it will ask for the arguments, use these in this order:

{RecordName} {Identifier} {Token}

If you followed all the instructions as I stated, it will now succesfully validate and issue certificates. Its up to you how you want to install them as the wacs.exe script has good options for that too.

How to setup a lightweight Linux (Ubuntu) based SSH server

This is not a beginner level process so if you do not know why you would need an SSH server, this post is not for you. Now that is out of the way, let’s begin:

  1. Grab ISO for ubuntu server from here
  2. Install it on your hypervisor or physical machine if you are old school in that way.
  3. Install openssh server:
    1. Sudo apt-get update
    2. Sudo apt-get install openssh-server
  4. Enable and Start the SSH service
    1. Sudo systemctl enable ssh
    2. Sudo systemctl start ssh
    3. (to check it is running) sudo systemctl status ssh

[How To] Create Bootable Windows XP USB

Yesterday I ran into trouble while trying to install Windows XP on an old computer. The problem? Well I didn’t have a CD ROM drive on that computer and the only way to install was to use a bootable USB. I tried several well-known software tools available on the internet but somehow they didn’t work. May be because Windows XP was not designed to be USB bootable.

Finally I came across this amazing tool called rufus and it did it. The only other thing it needed was the ISO for Windows XP.

If you also want to make a Bootable Win XP USB, follow these steps:

Bootable WinXP USB
Howto Create Bootable USB Win XP

  1. Launch Rufus.
  2. Select your device from the drop down list.
  3. Click on the little CD Drive button and select the ISO file you want to use (Windows XP image)
  4. Hit Start button and off it goes.

Create Bootable USB Win XP

And you have your bootable Windows XP USB as simple as that.