Mozilla's Firefox Invalid, Yet Valid Certificate

In my line of work I get to work with a lot of security devices which run self-signed certificates. Those certificates are most of the time generated when the device / appliance is installed, or configured for the very first time. When you connect to one of those devices with a web browser, you tend to see the warnings displayed by the browser that the connection is not to be trusted.

In Firefox, you can add an exception in the browser. When you've done that, the next time you go to the website, the browsers treats the website as trusted.

Posted on April 1, 2012 by Willem and filed under Annoying, Browsers, Tips'n Tricks and tagged PKI certificates firefox.

Moerputten and Heusden

Last weekend we had our yearly spring trip with the camera club. Somehow the word' spring' didn't come in mind on that day. When I left home, the sun tried to break through, so with luck, it could be a nice day for photography..... Luck was nowhere to be found. The whole day, nothing but drizzle, wind, rain, drizzle, and rain (at least in the vicinity of ' s Hertogenbosch.)

I went a bit early, and when I arrived, I was the only person there, so I was able to shoot some photos without having to worry about other people showing up in my photos.

The Moerputten is an old trainbridge that runs through a patch of protected nature. It's basically just a bridge now. No trains run over it.

Posted on March 15, 2012 by Willem and filed under Personal, Photography and tagged Heusden Moerputten bridge panorama train.

The Depressing Belgium Ardennes

Some depressing photos from the Ardennes in Belgium.... And these 'objects' are still being used by people.

A combination of a store/shop, and living quarters:

Small (literally) house in the village of Boulion:

The following photo was shot during a foggy day on the parking lot of a supermarket:

I definitely wouldn't want to live there, but is it nice to make photos some cases :-)

Posted on February 26, 2012 by Willem and filed under Photography and tagged Ardennes Belgium Carl Zeiss Depressive Leica M9.

Louwman Car Museum, The Hague

Last weekend, we visited the Louwman Car Museum in the Hague. I really had no idea what to expect of this museum, but I was surprised in a very positive way. The building is new, and filled with cars from the late 1800's till today. Including most (if not all) the classics.

If you're in the vicinity of the Hague, you should visit this museum (even if you're not a petrol-head).

Posted on February 1, 2012 by Willem and filed under Personal, Photography and tagged Louwman cars museum the Hague.

Courier IMAPd and Mail.app warnings

After installing an ISPConfig deployment, everything seemed to work properly, but every now-and-then I got this weird error that there was something wrong with the mail server configuration. The Apple Mail.app showed a exclamation mark with the following message:

The server returned the error: The attempt to read data from the server server.domain.ext failed.

Some research showed that the Apple mail clients tend to open several connections for IMAP, and the default setting of the Courier IMAPd server is to allow (only) 4 connections from the same IP address.

Modifying the Courier config file (/usr/lib/courier-imap/etc/imapd) and allowing e.g. 20 connections from 1 IP address solved this problem.

<ORIGINAL CONFIG>
##NAME: MAXPERIP:0
#
# Maximum number of connections to accept from the same IP address

MAXPERIP=4

<MODIFIED CONFIG>
##NAME: MAXPERIP:0
#
# Maximum number of connections to accept from the same IP address

MAXPERIP=20

If your company / household holds several imap mail clients you may need to increase the counter even more (65536 is the maximum amount of connections for ANY IP address).

If you have SSL enabled on the Courier IMAPd server you also need to add the MAXPERIP variable to the imap-ssl config file (/usr/lib/courier-imap/etc/imapd-ssl).

Finally, you need to restart the Courier IMAPd services (/etc/init.d/courier-imap restart)

Posted on January 23, 2012 by Willem and filed under Apple, Linux, Tips'n Tricks and tagged CentOS Courier IMAPd ISPConfig MAXPERIP.

Changing SSL Certificates in a ISPConfig v3 Configuration

When you install a Perfect Server based on Centos and ISPConfig v3.x, the system / 'installer' creates for the components self-signed certificates. All these certificates will generate different warnings in your browser, mail clients etc. So time to eliminate those warnings.

First I needed to find out where all those certificates are located, and what there formats are. In my case, there are three services that use SSL/TLS in some form;

Postfix SMTP service
Courier IMAP service
http / Apache2 webservice

Checking the configuration files will reveal their locations.

Posted on January 7, 2012 by Willem and filed under Linux, Operating Systems, Security, Software, Tips'n Tricks and tagged CentOS ISPConfig certificates ssl xca PKI.

Getting ISPConfig to Work on Centos

This is not a manual describing the installation (pre-requisites) of ISPConfig software on a Centos platform. An excellent manual can be found online. It's just that I ran into a problem when I tried to connect an e-mail client to the (IMAP) mailserver (controled by ISPConfig). All the appropriate ports / listeners were up and running, so it had to be a configuration issue.

Googling around didn't solve my problem. My collegue, Xander (@xmoments / xmoments.nl), cam eto the rescue with the solution;

yum install cyrus-sasl-plain-2.1.23-13.el6.x86_64

Software that handles cleartext passwords between mail processes. After the installation, the mail went flying across the Interwebs.

Posted on January 5, 2012 by Willem and filed under Linux, Software, Tips'n Tricks and tagged CentOS Cyrus SASL ISPConfig.

Screen Capture Can't Be Saved

After upgrading my iMac to OS X Lion (10.7) everything works (or at least seems to work), until I tried to do a screen capture with the built-in tools.

Things that worked:

Capturing the entire desktop to file
Capturing a selection (using the cross-hair) to file
Capturing the entire desktop to the clipboard
Capturing a selection (using the cross-hair) to the clipboard

Things that didn't work:

Capturing entire windows to file or the clipboard (SHIFT-COMMAND-4 + SPACE / SHIFT-COMMAND-3 + SPACE)

All I got was a weird notification box with the message:

Screen capture can't be saved

The console application also showed an error message:

12/16/11 1:40:08.762 com.apple.SystemUIServer.agent: screencapture could not capture window 3c

Lurking around the Interwebs, I found this seem to occur after an upgrade of the OS, but real solutions are hard to come by.

This is what I did to solve my problem:

Remove the screencapture PLIST (preferences) file (~/Library/Preferences/com.apple.screencapture.plist)
Copy a com.apple.screencapture.plist file from a working OS X Lion environment and place it in the correct location on the troubled OS X installation.

That seemed to result in two com.apple.screencapture.plist files (one with an additional extension of .locked). I removed the .locked file, rebooted the iMac, and screen capture worked again.

I must mention that I didn't see the .locked file initially. Could be that it existed before. In which case I probably did more than was required to get things fixed....

Posted on December 16, 2011 by Willem and filed under Annoying, Apple, Operating Systems, Tips'n Tricks and tagged Screencapture locked save.

Leica M and Lens Caps

Normally, I would have posted the following video in the Leica diary section, but that section is about totally serious Leica subjects only ;-). What the guy in this video is demonstrating (I hope) to the videographer, is that it's easy to forget that you put the lens cap back on the lens. With (d)SLR's you don't have this problem, since you're looking through the actual lens (unless you're blind or shooting in pitch black).

Fairness to say that I've had it happen to me a couple of times, but I notice my mistake at the moment I press the shutterbutton (+3sec exposure in broad daylight?? Must have forgotten something...).

Posted on December 16, 2011 by Willem and filed under Fun, Photography and tagged Leica Lens cap.

A (slightly biased) review of the Samsung Galaxy S2 Phone

My employer decided to give its employees new smartphones. Mostly because we've been begging for them the last couple of years. Unfortunately, not the one(s) we (or perhaps I) have been asking for.

In my line of work I come across customers with wireless networks that need (some sort of) security in place. The only real question I get during those projects is; "Will it work with an iPhone or an iPad?" In my entire career, I haven't had a single question of that kind regarding Android or Windows Mobile phones.... There's no denying it; the iOS devices from Apple are huge. Even in the corporate market.

So, no corporate iOS device for me. Instead, they shipped the Samsung Galaxy S2 (listed as iPhone look-a-like) to me.

Posted on November 28, 2011 by Willem and filed under Hardware, Review, iPhone and tagged Android Galaxy S2 Samsung.