firefox 31 + self-signed certificate = sec_error_ca_cert_invalid

July 23rd, 2014 No comments

If you are trying to access site with self-signed certificate with Firefox 31 (or later) and get Issuer certificate is invalid error (sec_error_ca_cert_invalid), you have to disable new mozilla::pkix certificate verification.

In about:config set

security.use_mozillapkix_verification = false


To find out more about mozilla::pkix and why your firefox just got so super secure and paranoid, that it doesn’t allows you to access you own site without googling see I’m only wondering why did they renamed it from insanity::pkix to mozilla::pkix – do they confess that ‘mozilla’ is slowly becoming a synonym for ‘insane’ ?-) Throwing such an error without any hint or possiblity to add an exception (as usual) is IMHO insane – but, who cares about power users today…



Categories: admin, how-to, security, time saver Tags:

Simple XSLT ifnull for numbers

June 19th, 2014 No comments

Answer to question how to display zero instead of NaN in XSLT for non existing node containing number values (kind of ifnull or coallesce functions that are available in SQL).

You can do it by standard expressive XSLT way, with using variable and <xsl:choose>, or abuse built-in sum() function and do whole thing in one line.

Standard way:

<!– read the value –>
<xsl:variable name=”val”>
<xsl:when test=”//number[1]“><xsl:value-of select=”//number[1]“/></xsl:when>
<!– print the value out –>
<xsl:value-of select=”$val“/>


Quick way:

<!– read and printout –>
<xsl:value-of select=”sum(//number[1])“/>


Both codes will print value of first node named number or zero if the node is not present.  Because it is a sum() function, it’s a good idea to limit nodeset only to first one, otherwise you will get a sum of all existing number nodes.

Btw. do you know the best XSLT reference out there ? No ? Look at ZVON XSLT reference.


Categories: how-to, time saver, xsl Tags:

Disable Windows 7 hotkeys

March 17th, 2014 No comments

This little script disables Windows 7 hotkeys if you have no local admin rights and registry editor (regedit) is also disabled.  Simply save it as hkey.vbs and execute.

Option Explicit
'Declare variables
Dim WSHShell, rr, MyBox, val, ttl
Dim jobfunc, itemtype
On Error Resume Next
Set WSHShell = WScript.CreateObject("WScript.Shell")
val = "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DisabledHotkeys"
itemtype = "REG_EXPAND_SZ"
ttl = "Result"
jobfunc = "Value: "
'write the registry key value.
WSHShell.RegWrite val, "1234567890", itemtype
rr = WSHShell.RegRead(val)
MyBox = MsgBox(jobfunc & rr, 4096, ttl)

This example disabled WIN+0 – WIN+9 keys. To disable other keys simply modify second RegWrite parameter.
For more technical info on windows hotkey codes see

Categories: how-to Tags:

75 EUR AdWords Coupon

March 5th, 2013 No comments

Another AdWords coupon for 75 EUR (25 EUR investment required).


First takes !

Categories: Uncategorized Tags:

OpenVPN OCC ping patch

May 28th, 2012 No comments


i’ve created simple patch for OpenVPN implementing OCC ping. Main difference of OCC ping and existing OpenVPN ping is that OCC ping is being actively replied on other side of the communication channel. This way you can configure various per-client channel reliability policies:

  • Non-mobile clients might ping more frequently to ensure stable connection, and reconnect as soon as possible in case of failure.
  • Mobile clients (ie. Android phones) might ping less frequently to save battery.

OCC ping can be enabled with (boolean) occ-ping directive and it integrates with all existing ping settings (ping/ping-restart/… directives) – simply instead of ‘normal’ pings OCC pings will be send.

Additionally occ-ping-compat directive makes it possible to use backward compatible OCC pings, that sends instead of newly implemented OCC_PING message, already existing OCC_REQUEST that will be always replied  by other side with OCC_REPLY. This makes it possible to use this new behavior with clients running openvpn without having OCC ping implemented.

Patch can be found here: openvpn-2.2.2-occ-ping.patch.

Categories: devel Tags: