My self signed certificate ran out yesterday so I needed to generate a new certificate.  I still have the key from my original certificate (obviously), but for some reason I couldn’t find the certificate request file from last time.  On top of that I couldn’t remember the exact commands to generate the new key.

With some help from Xeno Cafe web site these are the steps I took:

1. openssl req -new -key tuxx.tuxx.org.uk.key -out tuxx.tuxx.org.uk.csr
2. openssl x509 -req -days 730 -in tuxx.tuxx.org.uk.csr -signkey tuxx.tuxx.org.uk.key -set_serial 08 -out tuxx.tuxx.org.uk.crt

In step 1 I enter the details and the certificate request file is generated (this is the one you send off when you want a signed certificate).  In step 2 the actual certificate is created.  I opted to make it valid for 2 years hence the 730. Once that’s done it’s just a case of putting the key file and certificate file on top of the old files and restarting apache.

The first time I generated the cetificate Firefox gave serial key error on the certificate.  After a quick google I came up with suggestion to set the serial on the certificate.  I didn’t even know you could do that!

The second time I created the certificate also setting the serial and the restarted apache.  This time it worked.

The blog, gallery, and webmail have all been updated this weekend to the latest version

I run Roundcube for my webmail system and this finally reached a stable release in early March.  Gallery runs my gallery and has also had a fairly big point release in the past few months, version 2 is really starting to come into it’s own and settle down.  And finally my blog runs on WordPress which had a point release in the past 24 hours

That’s more or less the error message I got some time in February. I was sat at my computer doing some work with a remote database while at the same time catching up on Life in Cold Blood on the BBC’s iPlayer when bang, it all came to a halt and timed out. No internet connection.

I couldn’t get Sully to reconnect that evening so I called the support line at Zen, my ISP. No problems at their end. In the end I decided that some part of the hardware on Sully had died, and so grabbed a spare Netgear router from Dad that he wasn’t using. I had been running a low quality cable from the master phone socket to Sully, and while on the phone to Zen they did mention my connection speed was fluctuating. So I took the opportunity to do some recabling and place the Netgear next to the master socket and run a proper network cable back to the server (and from there to the rest of the house).

It worked first time, and at the time lead me to conclude that Sully had indeed had a hardware failure.

Fast forward a few weeks and I decide to tidy up the old cable – only to find this. Doh! My landlord will get getting a call.

Roll back to November and my brother calls me from Germany:

Brother: I can’t play any of my DVD’s, only the one I got in Canada.  And it wont let me change the region back.
Me: How many times have you changed the region on your laptop’s DVD drive?
Brother: It asked me to change it when I put the Canadian DVD in but I haven’t change it before and now I need to change it back.
Me: Hmm, ok…

Followed by about 5 minutes of me talking him through various different things to try, and to also confirm to me that he couldn’t change the DVD region away from Region 1 (North America). In the end I’m not able to solve it, and we hang up with a promise from me to have a look at his laptop when he is back for Christmas in a few weeks.

Fast forward to just before Christmas and I’m having a look at my brothers laptop. Sure enough he has run out of changes to his region code and the various software hacks and downloads don’t work.  I even flash his DVD drive with the latest firmware as suggested on various web sites.  Still no luck, looks like he is going to have to buy a new DVD drive.  A search on eBay gives some promising results.

Just as I’m about to admit defeat and hand the laptop back, I download VLC on a whim – and it works! I have no idea how it works, I guess it just ignores the region and plays the DVD regardless.

Another satisfied customer

Gone are the days when I used to be able to keep my Linux server up and running for upwards of 150+ days. These days updates are so frequent that I just about manage a month before the next set are released.

It’s not just my server either, the same is true of the servers I used to look after in previous jobs.  These weren’t just exclusively Windows or Linux servers either, it was a mix of both.

Some people take the view that don’t need to apply an update if you don’t use that particular bit of the system, but I’m in the opposite camp. What happens if one day you install a piece of software that uses that bit of the system that you’ve never updated…

On Windows it’s rare to apply and an update doesn’t require you to reboot after applying it, while on Linux it’s often easier as you can just restart the service that you’ve just updated.  This can lead to bigger uptime for Linux, but these days Linux systems are so complex and the kernel updates are that frequent that I tend to reboot after most major updates (unless I’m 99% sure that I don’t need to).

Getting that 100% uptime is becoming harder and harder.

Hard disk are about one of the more power hungery components of any computer system.  This isn’t normally an issue when the hard disk is inside your computer where it can pillage as much electricity as your power supply can manage.  But take a hard disk outside your computer and the story is different.  Think along the lines of a USB external hard disk, with a power supply of course.

Now I use one of these as part of my backup system.  Not perfect (what backup system is), but for the most part it works.  That is until the electronics inside the enclosure decide not to provide enough power to the disk.  Take the disk out of the enclosure, plug it into your computer and you can hear it spin up when the pc is turned on.  You can even read data from it so you know it works.   Put it back into the enclosure and turn it on.  What do you hear?  A little ticking noise as the disk tries to power up and spin but doen’t have enough power.

Happened to me twice now. Two separate disk, two separate enclosures, two different power supplies. 

I distinctly remember reading about SCO v. Novel when I started my university placement in summer 2003.  At the time I talked with a long term unix user and colleague who hadn’t seen the news.  While I don’t remember what my colleague said I do remember that the general opinion from Linux users around the world was that SCO couldn’t win – and that it would damage SCO badly.

 Well it did damage SCO badly, especially when they lost the court case.  But today comes the ultimate news: SCO files for US bandruptcy protection

Good bye SCO.

Came across a tip last night that shows how to make all your web browsing about as private as reasonably possible when at work/school.

Most techies know how to hide your web browsing habits using ssh as a proxy server, but some might not realise that clues can still be found in your dns requests. Basically while the actual web traffic (http and https) go over the ssh/proxy tunnel, the dns requests to those web site are still made to your local dns server. It wouldn’t take that much effort to work out which servers you were visiting by the dns requests.

However there is a solution if you are using Firefox. Type about:config into the address bar then search for ‘socks_remote’. By default this value is set to false, double click to change to true. Now the dns requests that Firefox makes will also go over the ssh/proxy tunnel.

It worked for me last night with no real problems, but I’ve not tested any complicated web sites (read: web sites that pull from different servers and domains). I also have no idea if this setting should be turned to false when not using the ssh/proxy tunnel, I shouldn’t think so but I’ve not tested this.

Tonight my server is being turned off until I get a connection sorted at the new house. Until such time e-mail and this web site are temporary located on a shared server.

I’ve moved the home page, blog, and a few others bit ‘n’ pieces, the gallery is 978MB is size so I’ll move that later (if at all). The shared server includes webmail so I’ve not moved roundcube over either.

All other services (test areas, other web sites, music etc) will stay on tuxx and will just be unavailable for the time being.