Usually I’m using self-signed HTTPs certificates on my servers which causes all browser to complain about a potential security risk, which is basically a good idea. Though I always felt that the HTTP/s warning of chromiums location bar is somehow exaggerated (striked out https with a thick red line) it’s nothing compared to what the latest chromium build shows you — that’s more than just ridiculous:
Configuring my Palm Pre to use IMAP over SSL with a self-signed certificate really drove me nuts and it took some time to figure out how it works. Sadly the Pre just complains about an invalid certificate instead of offering an accept dialog.
Nevertheless, self-signed certificates are working with the Pre, it’s just a bit more work. Here’s a simple step-by-step guide how to achieve that.
The Certificate Manager of the Palm Pre only accepts DER encoded X509 certificates, so we need to convert our PEM to DER. The simplest way to achive that, is using OpenSSL.
1 | $ openssl x509 -outform der -in certificate.pem -out certificate.der |
Now you need to plug your Pre to your computer and copy the DER file to any folder on your Pre.
Follow those steps to open the very good hidden Certificate Manager of the Palm Pre:
On the bottom left you will see the add icon, simply tip on it and choose the above mentioned file.
That’s it!
I guess most of you that use Git on a more regular base, like the easiness of creating, merging and deleting branches thats comes along with Git, so you will probably tend to create branch over branch. I often change into a Git repository and ask myself: which was the last branch I was working on? Of course you can simply call ‘git status’, but wouldn’t it be more convenient to promptly see in which branch you reside as soon as you enter the repository?
If you are answer is “yes” then you should take a look on bash completion – to be more exact: to the Git related part of it.
The Git bash completion script offers a function called __git_ps1. As the ps1 already indicates, the function is intended to be called in the PS1 definition of your .bashrc. Just open your .bashrc in your favourite editor and search for PS1= which might look like the following:
PS1='[\u@\h \W]\$'
whereby your shell prompt results in:
[username@hostname path]$
To add the current Git branch to your prompt simply add the __git_ps1 function to it:
PS1='[\u@\h \W $(__git_ps1 " (%s)")]\$'
The argument to __git_ps1 will be displayed only if you are currently in a git repository:
[username@hostname path (branchname)]$
Xubuntu 'Karmic Koala' 9.10 Alpha 6 - Installation Screen
Although I do not own an android based phone by myself, there is a small application I would like to recommend to you: PackRat — Media Collection Manager for Android.
Books and CDs present a particular problem to me, mostly because I already have a lot of each: I’m never entirely sure whether I actually possess one, or whether I only read/listened to it at some point in the past. I’ve bought a few books twice that way.
unwesen tries to get the application ready for this years Android Developer Challenge, so he is a bit under pressure as the submission period ends on 31th August at 11:59:59pm Pacific Time.
Although the application seems to be pretty complete there is no download available at the moment, but unwesen revealed a whole bunch of screenshots so that you can get a first impression of the app.
Recently I had to notice that I have to maintain a lot of projects and so I have been searching for a software tool that fits into my workflow with a maximum of ease of use.
I have tried several solutions, amongst others: Tasque and ThinkingRock. I had installed the latter one for almost a year, but never really used it, as it takes too much time to drop a quick note on a thought. Tasque is great if you want to use Remember The Milk as the backend, but in fact I did not want an online based tool for several reasons (connectivity, security, etc.). There is also a simple SQLite-based backend, but that lacks of a working category support. Other options have been Korganizer, TaskCoach and some simple to-do list programs — none of them fit my needs.
After crawling the web for days, I stucked on a little tool called: Getting Things GNOME!
GTG focuses on usability and ease of use. Its main objective is to provide a simple, powerful and flexible organization tool to the GNOME desktop environment.
The GTG user interface provides several convenience features that I find particularly advantageous. It has a quick-add entry box which allows users to create new tasks on the fly without having to input any extraneous data. Users can optionally specify tags for the task directly in the quick-add box alongside the task title. Another nice user interface feature that I like is the Work View, which will give you a flattened and filtered view of your task list with immediate action items.
The only tiny downside of GTG is that there is no method to minimize GTG to your system tray — but that will probably be part of the next release.
Inspired by pidgin-musictracker and the abscence of similiar a Plugin/Script for Skype for Linux, I have decided to write one on my own. This script uses the DBus-Interface of Banshee to retrieve the currently played track. This information is written via the Skype4Py-API into the mood message of the currently logged in account.
At the moment there is only Banshee supported, but I have planned to support some more players soon — so do not expect too much now, especially as I am still a Python beginner.
This article describes how to setup SSL-enabled name-based virtual hosts — that is secure virtual hosts which share the same IP address and port — with SNI-capable mod_gnutls module for Apache’s httpd server.
Server Name Indication (SNI) is a TLS extension which makes the configuration of SSL-enabled name-based virtual hosts possible. The current version of OpenSSL — 0.98 at the time of writing — does not support SNI yet, but it is planned for the upcoming 0.99 release and there are already several patches out there to add SNI capabilities to 0.98. mod_gnutls is an experimental module for Apache’s httpd which includes support for SNI.
This setup has been performed on a server that runs on Debian/Lenny and uses no self-compiled programs/packages.
In order to use mod_gnutls you need to install it from the repository of course, simply invoke:
1 2 | yourserver:~# apt-get update yourserver:~# apt-get install libapache2-mod-gnutls |
Then you need to enable mod_gnutls and disable mod_ssl:
1 2 | yourserver:~# a2enmod gnutls yourserver:~# a2dismod ssl |
Now it is time to get rid off mod_ssl and its configuration directives like SSLEngine, SSLCertificateFile and so on in each of your virtual host definitions. Instead we will add the mod_gnutls directives here:
1 2 3 4 | GnuTLSEnable on GnuTLSPriorities NORMAL GnuTLSCertificateFile /etc/apache2/ssl/apache.crt GnuTLSCertificateKey /etc/apache2/ssl/apache.key |
It is a good practise to check the server configuration after each changed virtual host. You can simply do this by invoking the following command:
1 2 | yourserver:~# apache2ctl configtest
Syntax OK |
If you see an error instead of the ‘Syntax OK’ message, you should carefully check the changes you made. Usually most errors are caused by typos.
Once you have been done with adjusting and checking your virtual hosts you are ready to reload the configuration of your webserver:
1 | yourserver:~# /etc/init.d/apache2 reload |
With mod_gnutls, the server supports the SNI TLS extension. The virtual hosts are name-based, no matter which one you visit, the relevant certificate for each virtual host is used.
Even tough mod_gnutls works pretty well, it is still in experimental state. Therefore, performance issues should be considered as normal (but could not determine any so far).
Another important point to mention regards to SNI support in web browsers. Currently only these browsers have built-in support for SNI:
I recently had the problem to install some PERL modules from CPAN with a non-root user. As a non-root user you won’t be able to install modules in non-system locations (system location would be: /usr/bin, /usr/lib). Luckily you can also install modules into your home directory. First you need to determine wether or not you need to configure CPAN.
perl -MCPAN -e shell
This might result in the following error message:
Your configuration suggests "/root/.cpan" as your CPAN.pm working directory. I could not create this directory due to this error: mkdir /root/.cpan: Permission denied at /usr/lib/perl5/5.8.8/CPAN.pm line 553
If you don’t get this error message you are already done and you can stop reading. Otherwise you need to re-configure CPAN for your personal use.
1 2 3 4 5 6 | mkdir -p ~/lib/perl5 echo 'export PERL5LIB=${PERL5LIB}:~/lib/perl5:~/lib/perl5/lib:~/lib/perl5/lib/i586-linux-thread-multi/' >> ~/.bashrc source ~/.bashrc mkdir -p ~/.cpan/CPAN echo "\$CPAN::Config = {}"> ~/.cpan/CPAN/MyConfig.pm perl -MCPAN -e shell |
NOTE: the shell variable PERL5LIB also contains an architecture dependent lib-path. So it might be that you need to change that part of the lib-path, e.g. from ~/lib/perl5/lib/i586-linux-thread-multi/ to ~/lib/perl5/lib/i386-linux-thread-multi/ or whatever your system matches.
Accept all the defaults (as long as you don’t want to make any special settings) until you reach the following question:
Every Makefile.PL is run by perl in a separate process. Likewise we run 'make' and 'make install' in processes. If you have any parameters (e.g. PREFIX, LIB, UNINST or the like) you want to pass to the calls, please specify them here. If you don't understand this question, just press ENTER. Parameters for the 'perl Makefile.PL' command? Typical frequently used settings: PREFIX=~/perl non-root users (please see manual for more hints)
Give the following answer:
1 2 | PREFIX=~/lib/perl5 LIB=~/lib/perl5/lib INSTALLMAN1DIR=~/lib/perl5/man1 INSTALLMAN3DIR=~/lib/perl5/man3 ... |
That’s it, now you should be able to install PERL modules from CPAN via the CPAN shell.
Nicholas Zakas, Principal Front End Engineer at Yahoo!, posted an interesting read about Extreme JavaScript Compression with YUI Compressor on Slideshare.
Thanks to Josi for pointing my interest to it.