Today I read Run Your Own DNS over HTTPS (DoH) Resolver on Ubuntu with DNSdist which mentioned BIND will support DoH in version 9.17, which is still in development.
This popped up on r/programming today: HTTP(S) Benchmark Tools.
Today is a historic day! I’m now running Firefox 83 an have enabled the new HTTPS-Only mode!
2017-12-09 jj5 – TODO: document this on my blog…
On Debian GNU/Linux 9.1 (stretch) when I try to open an *.desktop (application/x-desktop) link in a browser I get:
A folder named ~/.cache/kioexec/krun/13821_0/ already exists.
A folder named kioexec krun already exists
turned up diddly squat.
I solved the issue (for me) by changing:
System Settings -> Personalization -> Applications -> Default Application s-> Web Browser
Open http and https URLs in an application based on the contents of the URL
Open http and https URLs in the following browser: firefox
cd ~/Development/svn-install wget http://prdownloads.sourceforge.net/scons/scons-2.3.4.tar.gz wget http://mirror.ventraip.net.au/apache/apr/apr-1.5.1.tar.gz wget http://mirror.ventraip.net.au/apache/apr/apr-util-1.5.4.tar.gz wget http://mirror.ventraip.net.au/apache/subversion/subversion-1.8.10.tar.gz tar xzf scons-2.3.4.tar.gz tar xzf apr-1.5.1.tar.gz tar xzf apr-util-1.5.4.tar.gz tar xzf subversion-1.8.10.tar.gz cd scons-2.3.4 sudo python setup.py install cd ../apr-1.5.1 ./configure --prefix=/usr/local make sudo make install cd ../apr-util-1.5.4 ./configure --with-apr=/usr/local --prefix=/usr/local make sudo make install cd ../subversion-1.8.10 sh get-deps.sh serf cd serf scons APR=/usr/local APU=/usr/local OPENSSL=/usr/local PREFIX=/usr/local sudo scons PREFIX=/usr/local install cd .. ./configure --with-openssl --with-serf=/usr/local --prefix=/usr/local make sudo make install
Oh, wait… there’s a problem with misconfigured CA certificates…
cd ~/Development/svn-install wget https://distfiles.macports.org/MacPorts/MacPorts-2.3.3-10.10-Yosemite.pkg
Run the MackPorts*.pkg…
sudo /opt/local/bin/port install curl-ca-bundle
sudo -s cd /System/Library/OpenSSL/certs/ ln -s /opt/local/etc/openssl/cert.pem cert.pem cd /usr/local/etc/openssl/certs ln -s /opt/local/etc/openssl/cert.pem cert.pem
openssl s_client -connect www.progclub.org:443 -CApath /opt/local/etc/openssl/
Using MacPorts OpenSSL:
sudo port install openssl cd ~/Development/svn-install/subversion-1.8.10/serf/ scons APR=/usr/local APU=/usr/local OPENSSL=/opt/local PREFIX=/usr/local sudo scons PREFIX=/usr/local install
Found this article which said:
Open about:config and disable browser.urlbar.trimURLs. Easy peasy!
Today I ran into this error:
jj5@mercy:~/public-git$ git push origin master error: gnutls_handshake() failed: A TLS warning alert has been received. while accessing https://email@example.com/public/git/info/refs
The solution, of all things, was to add a ServerName spec into my Apache configuration file /etc/apache2/sites-enabled/default-ssl.conf, e.g.:
Today I learned about curl_exec which is a HTTP client for use in PHP.
A talk on the future of authenticity:
BlackHat USA 2011: SSL And The Future Of Authenticity.
Sometimes I have a problem where I connect to my server without using a certificate, and then later need to connect using a certificate. But if I’ve already selected not to use a certificate then Firefox doesn’t prompt again so I have been having to restart my browser when that happens, which was a real pain, until now!
To clear your SSL session state in Firefox choose History -> Clear Recent History… and then select “Active Logins” and click “Clear Now”. Then the next time you connect to your SSL server Firefox will prompt for which certificate to use.