Labels

3G (1) 8600GT (1) AI (4) amazon (1) API (1) apple (3) apple mail (1) atlassian (1) audio (1) bambo (1) Bamboo (1) bloat (1) boost (1) bugbear (1) C++ (5) calling conventions (1) cdecl (1) chromecast (1) CI (1) compiler (1) continuous integration (1) coursera (1) custom domain (1) debugging (1) deltanine (1) diagnosis (1) diy (5) DLL (1) dns (1) don't be evil (1) ec2 (1) education (1) electronics (1) express checkout (1) fail (6) fink (1) firewire (1) free hosting (1) GAE (1) google (1) Google App Engine (4) H170 (1) hackerx (1) hackintosh (1) Haskell (3) homebrew (2) i1394 (1) icloud (2) iOS 9 (1) ipad2 (2) jobhunting (2) lag (1) letsencrypt (2) libjpeg (1) linux (1) mac (2) mbcs (1) mechanic (1) memory (1) MFC (3) Microsoft (1) migration (1) ML (1) mobile (1) movi (1) MSBuild (1) music (1) naked domain (1) NLP (2) o2 sensor (1) obd (1) Optiplex960 (1) osx (1) outlook express (1) payments (1) paypal (1) photos (2) PIL (1) Project Euler (1) projectmix (1) python (2) raspberrypi (3) recruitment (1) renwal (1) skylake (1) soundcloud (1) ssl (2) stdcall (1) stripe (1) subaru (2) supermemo (1) supermemo anki java (1) sync (2) Telstra (1) tests (1) thunderbird (1) udacity (1) unicode (1) Uniform Cost Search (1) university (1) upgrade (2) vodafail (1) vodafone (1) VS2010 (1) vs2013 (1) VS6.0 (1) weather (1) win (1) Win32 (1) Z170 (1)

Monday 29 August 2016

Google Chromecast Video does not work without an internet connection even for locally hosted video!

Google's motto is "Don't be evil". I guess they don't think that spying on every thing you do is evil.
That's the only reason I can see why your Chromecast video needs an internet connection to function, even if all you wan't to do is cast videos stored locally on your laptop to your TV.

I recently picked up a Chromecast Video in preparation for a a weeks snow holiday at Thredbo, thinking it would be handy so the kids could watch some of their own videos on the TV in the chalet. The chalet came with WiFi internet, but the cheapskate owner must have purchased the cheapest possible internet plan with the lowest quota, because even though all the right lights on the router were lit, there was no internet access.

This caused big problems trying to setup my new Chromecast, which needs to download some updates when it is first configured. I can understand why it would need internet access for that.

But once it is setup it refuses to work without an internet connection. The only reason I can see it might need an internet connection is so that it can spy on you and report your viewing habits back to google.

I managed to get it working by creating as hotspot on my iphone, having the chromecast use that hotspot for internet access and use my laptop to connect to the chromecasts WiFi to configure it.

But that's way more complicated than it needs to be. It really should be written on the box in big letters:

REQUIRES INTERNET ACCESS!


Tuesday 26 July 2016

Letsencrypt certificate renewal process is awful!

So, my free 90 days letsencrypt certificate is about to expire.

I tried the auto-renew feature, but it does not work in manual mode. They intend it to be run automated and unattended, but I can't do that because I want to use the certificate on google app engine.

So basically, you have to re-issue the certicate , which means updating the challenge response on your website.

Well, I did all that, and generated a new certificate.

Unfortunately it expires the same time as the certificate I want to replace... WTF?

Anyway, I cleaned out /etc/letsencrypt and tried again from scratch:



sudo ./letsencrypt-auto certonly -a manual --rsa-key-size 2048 --email webmaster@mydomain.org.au -d shop.rhubarbfood.org.au

and this time it generated me a certificate with the correct expiry date. For future reference,

fullchain.pem is the public cert that appengine wants.

The private key needs to be fixed for google app engine:

openssl rsa -inform pem \
  -in /etc/letsencrypt/live/mydomain.org.au/privkey.pem \
  -outform pem 

the output of this command can be pasted straight into the text box in the appengine certificate page.

This time I documented it so I can rmember in 90 days time when I need to renew it again!

Monday 2 May 2016

Let's Encrypt and Google App Engine... not a match in heaven

I recently got on the SSL bandwagon for a site I manage, and bought an SSL certificate from GoDaddy for less than $10 (I can't remember exactly), but it only lasted a year.

True to form, when time came up for renewal GoDaddy wanted to charge me $100.

Top Tip: Never, ever allow GoDaddy to autorenew anything you buy from them. Because they alway jack the price up when they autorenew by default.

Anyway, I heard about LetsEncrypt, the new CA which offers SSL certificates for free.

"This must be too good to be true", I thought. And once again, I was proved right.

After much yak-shaving, (installing the prerequisites on my mac, the letsencrypt software, and the appropriate challenge/responses to prove I owned the web servers) I actually managed to sucessfully generate my certificate...

...which expires in 90 days!?!

Now the people at letsencrypt think that 90 days is a really, really long time, and any longer would be a security risk. And they say, "Hey, you should automate all your certificate issuance/renewal/web hosting malarky".

The only problem is, THERE IS NO API TO AUTOMATE UPLOADING OF YOUR CERTIFICATE TO GOOGLE APP ENGINE!!!

So, every 90 days, you will have to do it manually.


And one more thing... when I tried to upload my 4096 bit key certificate, app engine complained with an extremely generic error message. Turns out it only supports a maximum of 2048 bit keys.

Way to be cutting edge Google!

EDIT: Google App Engine has finally automated SSL certifcates issuance and renewal!!!

https://cloudplatform.googleblog.com/2017/09/introducing-managed-SSL-for-Google-App-Engine.html