Thursday 26 March 2009

Star tracker v0.2 release

Wow, StarTracker v0.2 is now live, with new Nomination usability fixes. Now you don't need to guess the username, and the "star" is easier to pick.

Thursday 19 March 2009

Using openssl to test https sites

Here is a little gem I found in Absolute FreeBSD - Chapter 9 that lets you test the certificate a web server uses to start an HTTPS connection. openssl opens an SSL connection to the web site and prints all the details of the connection; you can then enter an HTTP request as if you were connected via telnet to port 80. Reading the output gives you a good idea of what is wrong or right with your cert. Seeing as I had to use it twice today to check our certificates, I would say it is really useful.
Here is an example of use:
openssl s_client -connect www.google.com:443
Which yields:
CONNECTED(00000003)
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
   i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
 1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
---
No client certificate CA names sent
---
SSL handshake has read 1765 bytes and written 322 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : RC4-SHA
    Session-ID: xxx
    Session-ID-ctx: 
    Master-Key: xxx
    Key-Arg   : None
    Start Time: 1237496532
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---
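
The reading-by-eye the post describes can be scripted. This is an added example, not from the original post: a shell filter that pulls the chain, cipher, key size and verify result out of `openssl s_client` output. The function names and the 2048-bit and RC4 warnings are assumptions added here.

```shell
# Added example: summarise `openssl s_client` output read on stdin.
# The 2048-bit and RC4 warnings are assumptions added here, not from the post.
summarize_s_client() {
    awk '
        /^ *[0-9]+ s:/ { sub(/^ */, ""); d = $1; sub(/^[0-9]+ s:/, "")
                         print "chain[" d "]=" $0; next }
        /^(subject|issuer)=/     { print; next }
        /Cipher is /             { print "cipher=" $NF; next }
        /^Server public key is / { print "key_bits=" $5; next }
        /Verify return code:/ {
            sub(/^.*Verify return code: */, ""); code = $1
            sub(/^[0-9]+ */, ""); gsub(/[()]/, "")
            print "verify_code=" code; print "verify_text=" $0
        }'
}

# Print the summary; return 0 only when the chain verified (code 0).
check_s_client() {
    summary=$(summarize_s_client)
    field() { printf '%s\n' "$summary" | sed -n "s/^$1=//p"; }
    code=$(field verify_code); bits=$(field key_bits); cipher=$(field cipher)
    printf '%s\n' "$summary"
    case "$cipher" in *RC4*) echo "WARN: RC4 cipher negotiated" ;; esac
    if [ -n "$bits" ] && [ "$bits" -lt 2048 ]; then
        echo "WARN: ${bits}-bit server key"
    fi
    if [ "${code:-missing}" != "0" ]; then
        echo "FAIL: chain not verified: $(field verify_text)"
        return 1
    fi
}

# Excerpt of the output shown in the post above.
sample_output() {
    cat <<'EOF'
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
   i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
 1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 1024 bit
    Verify return code: 20 (unable to get local issuer certificate)
EOF
}

sample_output | check_s_client || true
```

For a live check, pipe the real command in: `openssl s_client -connect www.google.com:443 </dev/null 2>&1 | check_s_client`.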

Wednesday 11 March 2009

Absolute FreeBSD 2nd edition

In a vain attempt to learn more about FreeBSD I bought Absolute FreeBSD 2nd edition. I am already up to the 5th chapter and finding it a good read. It reads well, as the author has a very conversational tone while giving you more than enough information on the topic at hand. He drops in jokes and honest truths, as if you were talking to him in a bar. I imagine that it would be a bit lacking if you were a hard-core Unix admin, but then I guess you wouldn't be reading the book.

Chapters read so far:

Chapter 1 - Getting More Help
A very solid discussion of how to find information on the FreeBSD system in front of you. My favorite part is the section that describes how to write an email to the BSD user groups when you need support. I wish I could get anyone who sends me a support request to read this section before they do, if only so they can understand why they get so many polite emails back asking for more detail than "its broken".

Chapter 2 - Installing BSD
I skimmed this chapter as I already have FreeBSD installed, but will most likely go back and read it when I need to reinstall (due to human error).

Chapter 3 - Start Me Up! The Boot Process
This chapter was enlightening. I now have more insight into what the messages at boot time mean, and more importantly I found out that I could change the loader logo to a colour beastie by adding the following to /boot/loader.conf:
loader_logo="beastie"
It's this sort of useless fact that I love, and while maybe not as important as some other configuration options, I now know that there is a loader.conf and what it does.

Chapter 4 - Read this before you break something else! (Backup and Recovery)
I was ready to skip this chapter when my eyes fell upon the section on Revision Control for config files. This is something I have been wondering how to do properly for a while now, so I stopped skimming and read on. Once again this section was straightforward and explains both the whys and the hows. No more thinking "I should really have this under version control" for me :)

Sunday 1 March 2009

Star Tracker v 0.1 Live

Finally I have got my act together and got star tracker released to the Civet server. So you can see version 0.1 at http://caffeinesoftware.no-ip.org/startracker/index.