KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

NGINX 1.11.7
Apache2 2.4.25

Use the following command to update modules.

# yum update

In this time update ,/etc/httpd/conf.d/http.conf and ssl.conf including mod_ssl package in Apache2 will rename be _http.conf and _ssl.conf
This ensures that the settings described in this file will be set as default.

There is not have any problem with excluding yum update but when install kusanagi-httpd with yum install,
depends to mod_ssl package installation, ssl.conf may automatically generated

In this case, use the following command to manually rename the file name.

# mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/_ssl.conf

KUSANAGI version upgrade details 8.0.2-2

KUSANAGI version upgrade details 8.0.2-2

The bug fix of KUSANAGI 8.0.2-1 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.2-2

# yum update

KUSANAGI 8.0.2-2 bug fixes

  1. Failure to register SSL certificate in CT log server
  2. Failure in DB registration or deletion

1. Failure to register SSL certificate in CT log server

We found out registration failed due to the service log server which provided by Google have been stopped even since KUSANAGI-8.0.1-1 have correspondence of transparency of SSL certificate.
In this case, some browsers such as Safari was function abnormally with using Let’s Encrypt SSL certificate.

KUSANGI-8.0.2-2

  1. Modification in CT log server
    The registration will modify to ct.googleapis.com/pilot、icarus、rocketeer、skydiver when ct.googleapis.com/aviator log service stopped
  2. Failure in processing registration into CT log server
    Error messages will show up to login to next log server when failed to register into CT log server. Empty SCT file will be delete after failed to register CT log server again.
  3. Make CT do not turn on when acquiring Let’s Encrypt SSL certificate
    Make CT do not turn on when acquiring Let’s Encrypt SSL certificate with kusanagi provision/ssl
  4. New option to prevent registration to log server when CT enabled

    Automatically registered the SSL certificate in the CT log server with kusanagi ssl --ct on, even commercial SSL certificate already registered in CT. Therefore, when specified with --noregister either --noregister option will stop the registration to log server
    Example)

    kusanagi ssl --ct on --no-register profile name

2.Failure in DB registration or deletion

There was a issue in DB deletion has been failed with kusanagi remove that DB which obtained a symbol included DB name.
This bug has been fixed in this time update.

Simply Fast WordPress [14] – Using KUSANAGI – Adding Always-On SSL and HTTP/2 (Part 2. SSL Server Certificates for Business)

This is a series of articles explaining how to speed up WordPress, the use of which is growing rapidly for CMS-based business sites and media sites. This time, we will explain how to install Always-On SSL with SSL server certificates for business, and HTTP/2.

Last time, we explained how to install Always-On SSL and HTTP/2 using free SSL certificates from Let’s Encrypt.

This time, we will explain the significance of using SSL server certificates for business-use from services like Digicert, Globalsign, Network solutions, and Symantec. We will also explain how to install them along with HTTP/2. In this article, we assume that you have provisioned WordPress with KUSANAGI, so it is recommended that you read “Using KUSANAGI – Adding Always-On SSL and HTTP2 (Part 1. Let’s Encrypt)” first.

Read the full article »