My first visit to legendary data center One Wilshire.
I have been consolidating some of my sites onto a single hosted Unifi controller. Documentation was outdated so I am going to post some useful info here. My original plan was to setup a basic apache2 site, use certbot to generate my certificates and then install them into the Unifi controller. The first frustration is that you cannot simply install the certs you want into the unifi controller. second frustration, java. once you get over that, it’s super easy.
I had some issues with the initial migration. i ended up having to start over. handy command to remove unifi controller with all it’s configuration and data.
apt-get remove unifi --purge Just remember, you will need to reinstall Unifi after. It will be bran new and back to the wizard.
Getting started with SSL, I learned mostly from here. First create a CSR with unifi through command line…
java -jar lib/ace.jar new_cert <hostname> <company> <city> <state> <country>
this creates unifi_certificate.csr.der and unifi_certificate.csr.pem inside the data directory where you already are (/usr/lib/unifi/). Now we need to feed the CSR into certbot. Note that at this point, i already have apache2 installed with a very simple virutalhost and site setup with the domain i am creating a cert for. Here is the command to feed the CSR generated by Unifi into certbot to be certified:
certbot certonly --apache --csr /usr/lib/unifi/data/unifi_certificate.csr.der
Certbot will make sure that domain is yours (and your apache config is working) and then output a signed cert and a chain that is almost everything you need to install the certificate back into the Unifi controller. Still in /usr/lib/unifi/data/ 0000_cert.pem is my signed cert and 0001_chain.pem is my signed cert plus the intermediate certificate. what’s missing is Let’s Encrypt’s Root certificate to validate the intermediate certificate and thus complete the chain of trust.
AOL’s Long running messaging service will end on December 15th. Though it’s true that i rarely use it these days and that I actually lost my original account years ago… I have fond memories of this communications protocol. I continue to communicate with people though AIM. Apple had strong links to it at the launch of iChatAV. #nostalgia Well, AOL broke the news with a tweet. ironic?
On this day in 1987 Steve Wilhite while working at CompuServe developed the GIF format. Thanks to the internet and the fact that internet speeds continue to accelerate they have become the defacto animation format. Hooray! It is importent to point out that although the GIF is 30 years old today, the animated version that we are so familiar with did not become available until 1989. Don’t tell me how to pronounce it. Enjoy my collection.
I tried to participate in Ken Calvert’s telephone town hall tonight, even recorded some of it. Unfortunately, they never took my question or even my promised recorded voicemail.
Many of my comments were addressed by others and most were deflected by Representative Calvert. I am certainly no expert on this stuff, but here are the points i would have brought up.
- CRA bill – Representative Calvert seems to have missed the distinction between internet service providers that offer services like Google, Facebook, or Snapchat and telecommunications providers that provide the very lines on witch those services depend. This is a critical distinction. Unlike service providers, it is not so easy to just find a telecommunications provider who’s policy you agree with. In most of America, they are practically monopolies.
- Russians!! – Lifting sanctions preventing Russian intelligence agency from purchasing surveillance technology? Why now? Representative Calvert talked about apposing foreign manipulation of our elections, but what about foreign money buying influence? Citizens united says money is speech, but what about foreign money?
- Obamacare Vs Trumpcare – Preexisting conditions? Failing program? It is certainly not perfect (don’t get me started), but my family would be destitute if it weren’t for the Affordable Care Act. The current offering as a replacement looks terrible and doesn’t include amendments for preexisting conditions. What will next year bring?
I just assumed that the problem was related to my recent SSL renewal. Turns out, Google security recently published Distrusting WoSign and StartCom Certificates and removed them from chrome. How did I miss this? It turns out that the SSL on my site has been broken on Chrome for some time. It must be that I have been using Brave recently as my daily browser. I moved this site to letsencrypt.org and it’s working fine for everyone now. I don’t even know how much time I waisted on this one. wow.
Please excuse all the errors while i try and figure out what I did wrong. Brave, Firefox, and Safari users unaffected.
I was very excited to discover this feature listed in my Unifi controller today. You can now repurpose the VOIP port to act as a WAN2. The ironic part is that i don’t believe the VOIP port serves any actual VOIP function as of yet. I’ve been recommending these USG routers since I learned of their existence. Unfortunately a lot of my clients want dual WAN and until now, the Unifi Security Gateway fell short. No longer, Ubiquiti has a really great product line with the Unifi. I am continuously discovering great new innovation with the latest update to their software, firmware, or cloud platform. I have been waiting for this!
My appearance on Hart Attack last month is finally available to stream and download. enjoy. Original Post
Close ups of my much coveted badge. Some hardware and base stations of the wifi village. Both Information Society and Berlin played on Saturday night! Shot a video of an amazing demo from the Car Hacking Village. A car modified to play games instead of driving. Also, the best of my flight home. Some great pictures of Hoover dam and some of the solar farms and mesas as we few home.