HowTo: Let’s Encrypt SSL with Varnish and Pound on Ubuntu Server

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG). The key principles behind Let’s Encrypt are:

  • Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
  • Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
  • Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
  • Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
  • Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
  • Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

After this tutorial, we will have our websites served via encrypted connection with Let’s Encrypt SSL on a server running varnish. Because varnish can’t handle SSL requests, we need pound. Continue reading

How To: Compile Linux Kernel on Ubuntu

Current stable kernel version: 5.19.1

Current development kernel version: None right now

You are wondering why would you compile Linux kernel, when you already have generic one installed. Some of the reasons are: Ubuntu is not really famous for updating kernel to the newest version in 6 months cycle. New kernel brings new hardware support. And you can tweak the kernel as you like, so it can run faster and be slimmer. This HowTo will show you how to do exactly that. A lot of people thinks that compiling kernel is something that a ordinary PC user can’t do, but by following this tutorial, everyone can do it.
So, let’s start.

Continue reading