Extracting Certificate and Private Key Files from a .pfx File

Purpose

Customers sometimes have a need to export a certificate and private key from a Windows computer to separate certificate and key files for use elsewhere. Windows doesn't provide the means to complete this process.

Exporting Certificates from the Windows Certificate Store describes how to export a certificate and private key into a single .pfx file. Follow the procedure below to extract separate certificate and private key files from the .pfx file.

Procedure

1. Take the file you exported (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed. Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key.
2. Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes
3. Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem
4. Run the following command to remove the passphrase from the private key: openssl rsa -in key.pem -out server.key 

Detecting Processor Bottlenecks

The symptoms of a processor bottleneck aren't difficult to recognize:

• Processor: %Processor Time often exceeds 90%.
• System: Processor Queue Length is often greater than 2.
• On multiprocessor systems, System: % Total Processor Time often exceeds 50%.

But these symptoms don't always indicate a processor problem. And even when the processor is the problem, adding extra processors doesn't always solve it. In this chapter, you'll learn to use Performance Monitor to analyze such symptoms, determine the likely cause of processor bottlenecks, and implement effective solutions.


Note Before upgrading or adding processors, verify that the processor is the source of problem. Memory shortages, by far the most common bottleneck, often masquerade as high processor use

The Idle Process

Processors never rest. Once powered up, they must always be executing some thread of instructions. When not executing the thread of an active user or system process, they execute a thread of a process called Idle.


The Idle process has one thread per processor. It has such a low base priority that it runs only when nothing else is scheduled to run. This process does nothing but occupy the processors until a real thread is ready to use them. On a quiet machine, when you would expect processor use to be very low, the Idle process will be using most of the processor time.


Performance Monitor and Task Manager both use the Idle thread to indicate that the processor is not busy. Processor: % Processor Time, System: % Total Processor Time, and Task Manager's CPU Usage and CPU Usage History all measure the Idle thread and display processor busy time as the difference between the total time and the time spent running the Idle thread. Performance Monitor's Process: % Processor Time for the _Total instance even includes time processing the Idle thread.


To measure the Idle thread, use the Process: %Processor Time counter for the Idle process, or use the Processes tab on Task Manager.

How To Identify Functions causing a High User-mode CPU Bottleneck for Server Applications in a Production Environment

http://perftesting.codeplex.com/wikipage?title=How%20To%3A%20Identify%20a%20Disk%20Performance%20Bottleneck%20Using%20SPA&referringTitle=How%20Tos

Backup and restore the Local GPO

Backup and restore the Local GPO

In this post, I would like to introduce the method to backup and restore the Local GPO.
LOCALGPO, A handy tool to apply security setting to non-domain joined computers or Local GPO in your organization.

1. You may download Security Compliance Manager (SCM) from Microsoft.
2. Extract "Security_Compliance_Manager_Setup.exe" to a new folder A via 7zip or WinRAR.
3. Extract the "data.cab" to a new folder B.
4. In the new folder B, add the .msi extension to file named "LocalGPO"
5. Install the new MSI Installer "LocalGPO.msi"
6. Launch command-line here.cmd from C:\Program Files\LocalGPO on 32-bit systems or C:\Program Files (x86)\LocalGPO on 64-bit systems

Insert before this line the following:
If(Left(strOpVer,3) = “6.3”) and (strProductType <> “1”) then
strOS = “WS12”


 

  

IIS 8.5 - http to https redirect

Vmware vSphere6.0 / Windows 2012 R2 - Event Id : 27 e1iexpress

This error occurs with the VMware NIC Adaptertype e1000e.

You may try the 2 solutions:

• Change the Adapter type to vmxnet3 or e1000
• Disable TCP segmentation offload (TSO) in the guest operating system
  c:\> netsh int tcp set global chimney=disabled 
c:\> netsh int tcp set global rss=disabled

From a support forum: "Install VMware tools , remove e1000 network card after a VM stop, add a card same vswitch etc but, with a vmxnet3 type. Don't use the default card! Start and enjoy this solution . E1000 and E1000e are just unstable in Windows 8 / Windows 2012 , the network card reset randomly with or without heavy I/O." 

https://communities.vmware.com/thread/433792?start=30&tstart=0

Junipper Firewall - Have to export to xml with CLI

Login to cli, and put in this command and capture output

Show config | display xml

The config show will be in xml format