DNS over HTTPS

cd ~/Development/svn-install
wget http://prdownloads.sourceforge.net/scons/scons-2.3.4.tar.gz
wget http://mirror.ventraip.net.au/apache/apr/apr-1.5.1.tar.gz
wget http://mirror.ventraip.net.au/apache/apr/apr-util-1.5.4.tar.gz
wget http://mirror.ventraip.net.au/apache/subversion/subversion-1.8.10.tar.gz
tar xzf scons-2.3.4.tar.gz
tar xzf apr-1.5.1.tar.gz 
tar xzf apr-util-1.5.4.tar.gz
tar xzf subversion-1.8.10.tar.gz
cd scons-2.3.4
sudo python setup.py install
cd ../apr-1.5.1
./configure --prefix=/usr/local
make
sudo make install
cd ../apr-util-1.5.4
./configure --with-apr=/usr/local --prefix=/usr/local
make
sudo make install
cd ../subversion-1.8.10
sh get-deps.sh serf
cd serf
scons APR=/usr/local APU=/usr/local OPENSSL=/usr/local PREFIX=/usr/local
sudo scons PREFIX=/usr/local install
cd ..
./configure --with-openssl --with-serf=/usr/local --prefix=/usr/local
make
sudo make install

Nuff said!

Oh, wait… there’s a problem with misconfigured CA certificates…

cd ~/Development/svn-install
wget https://distfiles.macports.org/MacPorts/MacPorts-2.3.3-10.10-Yosemite.pkg

Run the MackPorts*.pkg…

xcode-select --install

Then…

sudo /opt/local/bin/port install curl-ca-bundle

Then…

sudo -s
cd /System/Library/OpenSSL/certs/
ln -s /opt/local/etc/openssl/cert.pem cert.pem
cd /usr/local/etc/openssl/certs
ln -s /opt/local/etc/openssl/cert.pem cert.pem

Testing:

openssl s_client -connect www.progclub.org:443 -CApath /opt/local/etc/openssl/

Using MacPorts OpenSSL:

sudo port install openssl
cd ~/Development/svn-install/subversion-1.8.10/serf/
scons APR=/usr/local APU=/usr/local OPENSSL=/opt/local PREFIX=/usr/local
sudo scons PREFIX=/usr/local install

Done!

Enable/Show “http://” and “https://” URL Prefix in Firefox Location Bar

Posted on 2014-09-25 [Thursday] by jj5

Found this article which said:

Open about:config and disable browser.urlbar.trimURLs. Easy peasy!

gnutls_handshake failed using git

Posted on 2014-09-03 [Wednesday] by jj5

Today I ran into this error:

jj5@mercy:~/public-git$ git push origin master
error: gnutls_handshake() failed: A TLS warning alert has been received. while accessing https://demo@demo.personalserver.com/public/git/info/refs

The solution, of all things, was to add a ServerName spec into my Apache configuration file /etc/apache2/sites-enabled/default-ssl.conf, e.g.:

ServerName demo.personalserver.com

Bug fixed!!

PHP curl_exec

Posted on 2013-08-31 [Saturday] by jj5

Today I learned about curl_exec which is a HTTP client for use in PHP.

BlackHat USA 2011: SSL And The Future Of Authenticity

Posted on 2012-07-16 [Monday] by jj5

A talk on the future of authenticity:
BlackHat USA 2011: SSL And The Future Of Authenticity.

Clearing SSL session state in Firefox

Posted on 2012-03-16 [Friday] by jj5

Sometimes I have a problem where I connect to my server without using a certificate, and then later need to connect using a certificate. But if I’ve already selected not to use a certificate then Firefox doesn’t prompt again so I have been having to restart my browser when that happens, which was a real pain, until now!

To clear your SSL session state in Firefox choose History -> Clear Recent History… and then select “Active Logins” and click “Clear Now”. Then the next time you connect to your SSL server Firefox will prompt for which certificate to use.

ProgClub

…because every programmer needs a good club!

Tag Archives: https

DNS over HTTPS

HTTP(S) Benchmark Tools

Firefox HTTPS-Only Mode

A folder named ~/.cache/kioexec/krun/13821_0/ already exists

Installing Subversion on Mac OS X with WebDAV support (serf library)

Enable/Show “http://” and “https://” URL Prefix in Firefox Location Bar

gnutls_handshake failed using git

PHP curl_exec

BlackHat USA 2011: SSL And The Future Of Authenticity