Last days of the #dailyshowlibrary!

tiny hands tweeting

This small exhibit includes audio/video recordings from the Daily Show cast as well as Trump Survivors.  Even a set with a golden toilet and props to pose with. (i had to grab a tie, but it wasn’t long enough for me).  We were given name tags upon our arrival complete with nickname (mine was “Buzzkill be3n”).  you can see the whole exhibit in under an hour.  well worth the visit!

Sunday June 17th is the last day in LA.  631 N Robertson Blvd. 12pm-10pm.


be3n Trump #dailyshowlibrary set with golden toiletTrump mentions the worldactual trump fake cake from inauguration Trump twitter word cloudTrump Nick-Names
Trump - gone but not forgotten Daily Show Library be3n Daily Show - trump v trump

Hosted Unifi controller with Let’s Encrypt SSL!

Unifi controller with SSL from Let's Encrypt

I have been consolidating some of my sites onto a single hosted Unifi controller.  Documentation was outdated so I am going to post some useful info here. My original plan was to setup a basic apache2 site, use certbot to generate my certificates and then install them into the Unifi controller. The first frustration is that you cannot simply install the certs you want into the unifi controller.  second frustration, java.  once you get over that, it’s super easy.

I had some issues with the initial migration.  i ended up having to start over.  handy command to remove unifi controller with all it’s configuration and data. apt-get remove unifi --purge Just remember, you will need to reinstall Unifi after. It will be bran new and back to the wizard.

Getting started with SSL, I learned mostly from here.  First create a CSR with unifi through command line…
cd /usr/lib/unifi
java -jar lib/ace.jar new_cert <hostname> <company> <city> <state> <country>

this creates unifi_certificate.csr.der and unifi_certificate.csr.pem inside the data directory where you already are (/usr/lib/unifi/).  Now we need to feed the CSR into certbot.  Note that at this point,  i already have apache2 installed with a very simple virutalhost and site setup with the domain i am creating a cert for.  Here is the command to feed the CSR generated by Unifi into certbot to be certified:
certbot certonly --apache --csr /usr/lib/unifi/data/unifi_certificate.csr.der

Certbot will make sure that domain is yours (and your apache config is working) and then output a signed cert and a chain that is almost everything you need to install the certificate back into the Unifi controller.  Still in /usr/lib/unifi/data/ 0000_cert.pem is my signed cert and 0001_chain.pem is my signed cert plus the intermediate certificate. what’s missing is Let’s Encrypt’s Root certificate to validate the intermediate certificate and thus complete the chain of trust.

Continue reading “Hosted Unifi controller with Let’s Encrypt SSL!”

AOL Instant Messenger Shutting Down!

AOL’s Long running messaging service will end on December 15th. Though it’s true that i rarely use it these days and that I actually lost my original account years ago… I have fond memories of this communications protocol.  I continue to communicate with people though AIM. Apple had strong links to it at the launch of iChatAV. #nostalgia  Well, AOL broke the news with a tweet.  ironic?

AIM sunset tweet: All Good things come to an end. On Dec 15, we'll bid farewell to AIM. Thank you to all our users!

Happy Birthday GIF!

On this day in 1987 Steve Wilhite while working at CompuServe developed the GIF format.  Thanks to the internet and the fact that internet speeds continue to accelerate they have become the defacto animation format.  Hooray!  It is importent to point out that although the GIF is 30 years old today, the animated version that we are so familiar with did not become available until 1989.  Don’t tell me how to pronounce it. Enjoy my collection.

be3n bangs a gong

Ken Calvert’s Town Hall, he phoned it in…

I tried to participate in Ken Calvert’s telephone town hall tonight, even recorded some of it.  Unfortunately, they never took my question or even my promised recorded voicemail.

Many of my comments were addressed by others and most were deflected by Representative Calvert.  I am certainly no expert on this stuff, but here are the points i would have brought up.

  • CRA bill – Representative Calvert seems to have missed the distinction between internet service providers that offer services like Google, Facebook, or Snapchat and telecommunications providers that provide the very lines on witch those services depend.   This is a critical distinction.  Unlike service providers, it is not so easy to just find a telecommunications provider who’s policy you agree with.  In most of America, they are practically monopolies.
  • Russians!! – Lifting sanctions preventing Russian intelligence agency from purchasing surveillance technology?  Why now?  Representative Calvert talked about apposing foreign manipulation of our elections, but what about foreign money buying influence?  Citizens united says money is speech, but what about foreign money?
  • Obamacare Vs Trumpcare – Preexisting conditions? Failing program? It is certainly not perfect (don’t get me started), but my family would be destitute if it weren’t for the Affordable Care Act.  The current offering as a replacement looks terrible and doesn’t include amendments for preexisting conditions.  What will next year bring?

SSL problem, it wasn’t me!

broken keyI just assumed that the problem was related to my recent SSL renewal.  Turns out, Google security recently published Distrusting WoSign and StartCom Certificates and removed them from chrome.  How did I miss this?  It turns out that the SSL on my site has been broken on Chrome for some time.  It must be that I have been using Brave recently as my daily browser.  I moved this site to letsencrypt.org and it’s working fine for everyone now.  I don’t even know how much time I waisted on this one.  wow.

Ubiquiti’s USG router steps up with dual wan support!

I was very excited to discover this feature listed in my Unifi controller today.  You can now repurpose the VOIP port to act as a WAN2.  The ironic part is that i don’t believe the VOIP port serves any actual VOIP function as of yet.  I’ve been recommending these USG routers since I learned of their existence. Unfortunately a lot of my clients want dual WAN and until now, the Unifi Security Gateway fell short.  No longer, Ubiquiti has a really great product line with the Unifi.  I am continuously discovering great new innovation with the latest update to their software, firmware, or cloud platform.  I have been waiting for this!

Unifi WAN2 option