The ramblings of a computer geek
You can submit commands into an EC2 instance via SSM (Secure Systems Manager), rather than having to open SSH to the machine. From within an authenticated session using AWS CLI on your workstation machine, you can remotely send commands to be run within the instance itself. The commands will typically be run as “root” within … Read more
Here’s an interesting one I came across today, there exists a problem whereby replacing a certificate on a Microsoft Exchange 2016 or 2019 won’t work if the Issuer and Subject of the new certificate happen to be the same as the old certificate (you are trying to replace). You’d expect most likely that when you … Read more
What to do when your self-signed certificate for Microsoft Exchange 2016 expires, Microsoft provide some good guidance about this: https://learn.microsoft.com/en-us/exchange/architecture/client-access/renew-certificates?view=exchserver-2019 You might see errors such as this when you’re trying to administer via PowerShell: You’ll have permissions so the error is a red herring, what is actually happening is you’re attempting to perform an operation … Read more
The first part is a basic deployment of BGP between two routers (Router A and Router B) with a single point to point link. In this example, each router is within its own AS (Autonomous System). Therefore any routes exchanged between each AS are eBGP (external BGP) routes. Routes exchanged within an AS are known … Read more
Although there are a few ways to do it, here is an example of how you can use the null_resource to make Terraform wait for an EC2 instance to be ready before continuning. In this example we have an EC2 instance called mgmt_host which will using the “trigger” set the Terraform into a loop to … Read more
So you have an EC2 instance you’ve deployed from Terraform, but as part of the run of your template you want to run some other commands. Sure, you can use the “user data” section to run commands at deployment time, but what if you want to run something later on? Well, you can use a … Read more
The time of on-premise Microsoft Exchange servers is beginning to draw to a close, although the Microsoft Exchange Server SE will continue, its feature complete essentially as of Exchange Server 2019, although there may be the odd minor changes here and there. Based on that replacing the certificate is a common task, the following instructions … Read more
Microsoft Windows 2016 does not support the newer encryption ciphers used by default by EJBCA (AES256-SHA256), therefore we need to generate a version of the certificate using the earlier encryption cipher type, i.e. TripleDES-SHA1 which is what is supported by the earlier version of Microsoft Windows, namely Server 2016. Check Encryption Ciphers Used Firstly get … Read more
Investigation into the loss of Rich Hybrid features for on-premise mailbox users, from around the beginning of November 2025. Exchange Version Says we need Exchange Server 2016 CU23 with April 2025 HU 15.1.2507.55, we are currently running 15.1.2507.58, so a later version than the minimum requirement, thus we are good on this version. Identified Issue … Read more
A simple VPC deployment pattern which includes a simple configuration that has been tested and can be used to build a new infrastructure from. It uses Terraform and uses local state storage (within a directory called “state_data”), for production uses it is mandated to use some form of remote state storage. The pattern within the … Read more