I needed to encrypt some strings before sending them out over the network to another process and I don’t want to rely on another mechanism for handling the encryption, so here’s my simple AES encryption class. You can load plain text out of the vault by providing a cipher or save an encrypted message by supplying the plain text.

Sometimes a dictionary is nice for keeping things simple. You can directly access any value by looking at the key. But perhaps you need to split the dictionary up into two lists. Or go the other way; turn two related lists into a key-value dictionary.

If you want to store a mix of encrypted and unencrypted files under the same area, choose plaintext passthrough, otherwise choose the default, no. I suggest an all or nothing approach, as it can get confusing as to which files are encrypted especially when they’re binary! (With ascii text files you can just cat a file and tell if it’s encrypted or not.)

If you submit an SSL certificate request for your Apache/Lighttpd web server to a Certificate Authority (CA) on a Windows Domain Controller, you might have to convert your resulting binary DER formatted Security Certificate into PEM so Apache or Lighttpd can understand it.

This doesn’t have to be complicated at all.  This was what I did on my ldap servers:
[user@ldap-primary /etc/openldap/cacerts ]$ sudo openssl req -newkey rsa:1024 -x509 -nodes -out ldap-primary.pem -keyout ldap-primary.pem -days 3650
[user@ldap-slave1 /etc/openldap/cacerts ]$ sudo openssl req -newkey rsa:1024 -x509 -nodes -out ldap-slave1.pem -keyout ldap-slave1.pem -days 3650
That’s it!  No messing …