January 2006


Well how’s about that then..
I’ve finally got my head round lookahead regular expressions. They’ve been causing me pain… and here’s the page that brought the relief.

Regex Tutorial – Lookahead and Lookbehind Zero-Width Assertions

This bit in particular..
(there is some lovely formatting on the original page, so it is worth the visit)

Positive and Negative Lookahead

Negative lookahead is indispensable if you want to match something not followed by something else. When explaining character classes, I already explained why you cannot use a negated character class to match a “q” not followed by a “u”. Negative lookahead provides the solution: q(?!u). The negative lookahead construct is the pair of round brackets, with the opening bracket followed by a question mark and an exclamation point. Inside the lookahead, we have the trivial regex u.

Positive lookahead works just the same. q(?=u) matches a q that is followed by a u, without making the u part of the match. The positive lookahead construct is a pair of round brackets, with the opening bracket followed by a question mark and an equals sign.

You can use any regular expression inside the lookahead. (Note that this is not the case with lookbehind. I will explain why below.) Any valid regular expression can be used inside the lookahead. If it contains capturing parentheses, the backreferences will be saved. Note that the lookahead itself does not create a backreference. So it is not included in the count towards numbering the backreferences. If you want to store the match of the regex inside a backreference, you have to put capturing parentheses around the regex inside the lookahead, like this: (?=(regex)). The other way around will not work, because the lookahead will already have discarded the regex match by the time the backreference is to be saved.

Regex Engine Internals

First, let’s see how the engine applies q(?!u) to the string Iraq. The first token in the regex is the literal q. As we already know, this will cause the engine to traverse the string until the q in the string is matched. The position in the string is now the void behind the string. The next token is the lookahead. The engine takes note that it is inside a lookahead construct now, and begins matching the regex inside the lookahead. So the next token is u. This does not match the void behind the string. The engine notes that the regex inside the lookahead failed. Because the lookahead is negative, this means that the lookahead has successfully matched at the current position. At this point, the entire regex has matched, and q is returned as the match.

Let’s try applying the same regex to quit. q matches q. The next token is the u inside the lookahead. The next character is the u. These match. The engine advances to the next character: i. However, it is done with the regex inside the lookahead. The engine notes success, and discards the regex match. This causes the engine to step back in the string to u.

Because the lookahead is negative, the successful match inside it causes the lookahead to fail. Since there are no other permutations of this regex, the engine has to start again at the beginning. Since q cannot match anywhere else, the engine reports failure.

Let’s take one more look inside, to make sure you understand the implications of the lookahead. Let’s apply q(?=u)i to quit. I have made the lookahead positive, and put a token after it. Again, q matches q and u matches u. Again, the match from the lookahead must be discarded, so the engine steps back from i in the string to u. The lookahead was successful, so the engine continues with i. But i cannot match u. So this match attempt fails. All remaining attempts will fail as well, because there are no more q’s in the string.
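The walk-throughs quoted above can be run directly. This is an added example, not part of the quoted tutorial or the original post; it uses Python's re module, and the function names and the sample sentence are made up for illustration.

```python
import re

def first_match(pattern, text):
    """Return (matched_text, start, end) for the first match, or None."""
    m = re.search(pattern, text)
    return (m.group(0), m.start(), m.end()) if m else None

def walkthroughs():
    """The engine traces from the quoted tutorial, as actual results."""
    return {
        # q is the last character: nothing follows, so the negative lookahead holds.
        "q(?!u) on Iraq": first_match(r"q(?!u)", "Iraq"),
        # q is followed by u: the lookahead fails and there is no other q.
        "q(?!u) on quit": first_match(r"q(?!u)", "quit"),
        # The lookahead consumes nothing, so i is tried against u and fails.
        "q(?=u)i on quit": first_match(r"q(?=u)i", "quit"),
        # Added contrast: a real u token after the lookahead lets the match proceed.
        "q(?=u)ui on quit": first_match(r"q(?=u)ui", "quit"),
    }

def capture_positions(text):
    """Compare (?=(regex)) with ((?=regex)) on the same input."""
    inside = re.search(r"q(?=(u\w*))", text)    # group inside the lookahead
    outside = re.search(r"q((?=u\w*))", text)   # group wrapped around it
    if inside is None or outside is None:
        return None
    return {
        "match": inside.group(0),      # the overall match is still only "q"
        "inside": inside.group(1),     # text seen by the lookahead is kept
        "outside": outside.group(1),   # zero-width, so nothing is captured
    }

def q_without_u(text):
    """Offsets of every q not followed by u, including a q at end of input."""
    return [m.start() for m in re.finditer(r"q(?!u)", text)]

if __name__ == "__main__":
    for name, result in walkthroughs().items():
        print(f"{name:18} -> {result}")
    print(capture_positions("quit"))
    print(q_without_u("Iraq, Qatar, quit, qwerty, faq"))  # constructed sample
```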

After recently installing an SSL certificate on one of my servers, I decided it was time I told myself how I do it.. rather than guessing from scratch each time.

Source page…
Generate CSR for SSL on Apache mod SSL + OpenSSL

For archive purposes
Generate a Certificate Signing Request (CSR) for an SSL Certificate from RapidSSL.com
Apache + Mod SSL + OpenSSL

Follow these instructions to generate a CSR for your Web site. When you have completed this process, you will have a CSR ready to submit to RapidSSL.com in order to be generated into an SSL Security Certificate.

OpenSSL is the open source project that replaced SSLeay. If you are using SSLeay on your system instead of OpenSSL, substitute ssleay with openssl for the commands.

1. Install OpenSSL, if not found on your server.

2. Create an RSA key for your Apache server:

cd /apacheserverroot/conf/ssl.key

(ssl.key is the default key directory.) If you have a different path, cd to your server’s private key directory.

3. Type the following command to generate a private key that is file encrypted. You will be prompted for the password to access the file and also when starting your webserver.

Warning: If you lose or forget the passphrase, you must purchase another certificate.

openssl genrsa -des3 -out domainname.key 1024

You could also create a private key without file encryption if you do not want to enter the passphrase when starting your webserver:

openssl genrsa -out domainname.key 1024

Note: We recommend that you name the private key using the domain name that you are purchasing the certificate for, i.e. domainname.key

4. Type the following command to create a CSR with the RSA private key (output will be PEM format):

openssl req -new -key domainname.key -out domainname.csr

* Note: You will be prompted for your PEM passphrase if you included the “-des3” switch in step 3.

5. When creating a CSR you must follow these conventions. Enter the information to be displayed in the certificate. The following characters can not be accepted: <> ~ ! @ # $ % ^ * / \ ( ) ?.,&

DN Field | Explanation | Example
Common Name | The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.yourdomain.com, then your CSR’s common name must be www.yourdomain.com. |
Organization | The exact legal name of your organization. Do not abbreviate your organization name. | RapidSSL.com
Organization Unit | Section of the organization | Marketing
City or Locality | The city where your organization is legally located. | Wellesley Hills
State or Province | The state or province where your organization is legally located. Can not be abbreviated. | Massachusetts
Country | The two-letter ISO abbreviation for your country. | US

6. Do not enter extra attributes at the prompt.

Warning: Leave the challenge password blank (press enter)

Note: If you would like to verify the contents of the CSR, use the following command:

openssl req -noout -text -in domainname.csr

7. Submit your CSR to RapidSSL.com using the online application pages.

Create a backup of your private key!

Make a copy of the private key file (domainname.key) generated in step 3 and store it in a safe place! If you lose this file, you must purchase a new certificate.

* The private key file should begin with (when using a text editor)

-----BEGIN RSA PRIVATE KEY----- and end with -----END RSA PRIVATE KEY-----.

To view the contents of the private key, use the following command:

openssl rsa -noout -text -in domainname.key
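Step 3 offers an encrypted (-des3) and an unencrypted key file, and the backup note describes the BEGIN/END markers the file should carry. The added example below (not from the original instructions or from RapidSSL) checks both from the file text alone; the function name and the sample files are constructed for illustration, and the base64 bodies are placeholders rather than key material.

```python
import re

# BEGIN and END must carry the same label; the backreference \1 enforces it.
PEM_KEY = re.compile(
    r"-----BEGIN ([A-Z ]*PRIVATE KEY)-----\r?\n(.*?)-----END \1-----", re.DOTALL
)

def classify_key(pem_text):
    """Report format and encryption state from the PEM armour only."""
    result = {"valid": False, "format": None, "encrypted": None, "cipher": None}
    m = PEM_KEY.search(pem_text)
    if m is None:
        return result
    label, body = m.groups()
    result["valid"] = True
    if label in ("PRIVATE KEY", "ENCRYPTED PRIVATE KEY"):
        # PKCS#8 labels (newer OpenSSL releases can emit these instead):
        # the label itself says whether the key is encrypted.
        result.update(format="PKCS#8", encrypted=label.startswith("ENCRYPTED"))
        return result
    # Traditional format ("RSA PRIVATE KEY"): encryption is declared in headers.
    encrypted = re.search(r"^Proc-Type: 4,ENCRYPTED\r?$", body, re.M) is not None
    dek = re.search(r"^DEK-Info: ([A-Za-z0-9-]+),", body, re.M)
    result.update(format="traditional", encrypted=encrypted,
                  cipher=dek.group(1) if encrypted and dek else None)
    return result

# Constructed samples; the IV in DEK-Info is a made-up value.
BODY = "UExBQ0VIT0xERVI=\n"
PLAIN = "-----BEGIN RSA PRIVATE KEY-----\n" + BODY + "-----END RSA PRIVATE KEY-----\n"
DES3 = ("-----BEGIN RSA PRIVATE KEY-----\n"
        "Proc-Type: 4,ENCRYPTED\n"
        "DEK-Info: DES-EDE3-CBC,0123456789ABCDEF\n\n"
        + BODY + "-----END RSA PRIVATE KEY-----\n")
PKCS8 = "-----BEGIN PRIVATE KEY-----\n" + BODY + "-----END PRIVATE KEY-----\n"
# Markers pasted from a web page with typographic dashes are not valid PEM.
SMART_DASHES = PLAIN.replace("-----", "\u2014\u2013")
MISMATCH = "-----BEGIN RSA PRIVATE KEY-----\n" + BODY + "-----END PRIVATE KEY-----\n"

if __name__ == "__main__":
    for name in ("PLAIN", "DES3", "PKCS8", "SMART_DASHES", "MISMATCH"):
        print(f"{name:13}", classify_key(globals()[name]))
```

The check reads only the PEM armour, so it says nothing about key size; the 1024-bit length in the commands above is below the 2048-bit RSA minimum that publicly trusted CAs now require.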

To get eWebedit working in Firefox, you’ll need to install an ActiveX interpreter. This should be automatically installed by visiting this Esker plugin demo page.

Once the demo is working, you’ll need a user agent switcher to fool eWebedit into thinking you are using Netscape 7.
User agent switcher

After restarting Firefox, if you don’t have a Netscape 7 user agent string installed by default.. check under Tools -> User Agent Switcher ->
then you can import mine.
User Agent Strings (Right click -> Save Links As)
Tools -> User Agent Switcher -> Options -> Options -> User Agents -> Import

Select Netscape 7 as your User Agent, visit your page that uses eWebedit, and all should be rosy. You’ll need to switch the User agent to Netscape 7 each time you want to use eWebedit after closing Firefox.