Useful OpenSSL Commands

Generate new SSL private key and CSR file:

openssl req -new -newkey rsa:4096 -nodes -keyout mydomain.key -out mydomain.csr 

Convert RSA private key to PEM format:
openssl rsa -in mydomain.key -text > mydomain-key.pem

Convert key, cert and ca-bundle into pfx format to be imported into IIS:

(If the IIS Server Windows Server 2016, must use OpenSSL 1.0.x  to convert CRT to PFX otherwise the .pfx file import will fail with "incorrect password" error.)

openssl pkcs12 -export -out mydomain.pfx -inkey mydomain.key -in mydomain.crt -certfile intermediateCA.crt

Convert everything into Tomcat keystore file such as for JIRA:

In Linux, concatenate all *.pem files (cert first, followed by interca cert) into one pem file, like all.pem Then create keystore in p12 format with private key + all.pem

openssl pkcs12 -export -inkey private.key -in all.pem -name test -out test.p12

Then go into Windows, use Java included keytool to export p12 into jks

keytool -importkeystore -srckeystore test.p12 -srcstoretype pkcs12 -destkeystore test.jks

For Jira, make sure the "name" is "alias", use "jira" as "name".

The path of keystool.exe in Windows is at C:\Program Files\Java\jre7\bin

When done, list the content of the keystore file:

Keytool -list -keystore test.jks

A Perfect ROM for Asus Zenfone 2 ZE551ML(Z00A)

Recently upgraded my three year old Asus Zenfone 2 ZE551ML(Z00A) from Android 6 CleanStock to Android 7.1.2 Groovy Android. It works perfectly. All around better than Android 6 CleanStock which has stopped updating long ago. Groovy Android seems will keep updating.

https://forum.xda-developers.com/zenfone2/development/rom-groovy-android-t3756429

Why do you need a $1000 new phone like iPhone while a $100 old phone works perfectly well with a good ROM.