Docker Swarm Overlay Encryption

Hi Guys!

I have set up a Docker Swarm cluster on the new Hetzner Cloud. First things first – the Hetzner Cloud is really amazing: Super simple, super cheap and performs as expected. It is not a bloated cloud provider that has 100x services and features that you can use for your servers, this keeps the costs and complexity down – I am really a big fan of it.

Now to the topic: Because the feature-set is simple, the Hetzner Cloud does not provide private networking (yet!). With only public IP addresses, we need to secure the overlay traffic between our docker containers!

Continue reading

Changing signature algorithm for CSR generation on Plesk

Hi Webhosters!

If you are running a Plesk, commercially, for fun or whatever other reason, this information might be for you.

When you want to order a certificate from a CA, there are now several CA’s that stop taking orders from CSRs that are using SHA1 as signature algorithm. Google also wants to accelerate the end of SHA1 by stopping marking a connection as secure if a certificate is used that is signed with SHA1. You can read more about that here.

Sadly, Plesk generates the CSR with SHA1 by default.

Continue reading