Archive

Archive for the ‘how-to’ Category

firefox 31 + self-signed certificate = sec_error_ca_cert_invalid

July 23rd, 2014 No comments

If you are trying to access site with self-signed certificate with Firefox 31 (or later) and get Issuer certificate is invalid error (sec_error_ca_cert_invalid), you have to disable new mozilla::pkix certificate verification.

In about:config set

security.use_mozillapkix_verification = false

 

To find out more about mozilla::pkix and why your firefox just got so super secure and paranoid, that it doesn’t allows you to access you own site without googling see https://wiki.mozilla.org/SecurityEngineering/Certificate_Verification. I’m only wondering why did they renamed it from insanity::pkix to mozilla::pkix – do they confess that ‘mozilla’ is slowly becoming a synonym for ‘insane’ ?-) Throwing such an error without any hint or possiblity to add an exception (as usual) is IMHO insane – but, who cares about power users today…

 

 

Categories: admin, how-to, security, time saver Tags:

Simple XSLT ifnull for numbers

June 19th, 2014 No comments

Answer to question how to display zero instead of NaN in XSLT for non existing node containing number values (kind of ifnull or coallesce functions that are available in SQL).

You can do it by standard expressive XSLT way, with using variable and <xsl:choose>, or abuse built-in sum() function and do whole thing in one line.

Standard way:

<!– read the value –>
<xsl:variable name=”val”>
<xsl:choose>
<xsl:when test=”//number[1]“><xsl:value-of select=”//number[1]“/></xsl:when>
<xsl:otherwise>0</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<!– print the value out –>
<xsl:value-of select=”$val“/>

 

Quick way:

<!– read and printout –>
<xsl:value-of select=”sum(//number[1])“/>

 

Both codes will print value of first node named number or zero if the node is not present.  Because it is a sum() function, it’s a good idea to limit nodeset only to first one, otherwise you will get a sum of all existing number nodes.

Btw. do you know the best XSLT reference out there ? No ? Look at ZVON XSLT reference.

 

Categories: how-to, time saver, xsl Tags:

Disable Windows 7 hotkeys

March 17th, 2014 No comments

This little script disables Windows 7 hotkeys if you have no local admin rights and registry editor (regedit) is also disabled.  Simply save it as hkey.vbs and execute.

Option Explicit
'Declare variables
Dim WSHShell, rr, MyBox, val, ttl
Dim jobfunc, itemtype
On Error Resume Next
Set WSHShell = WScript.CreateObject("WScript.Shell")
val = "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DisabledHotkeys"
itemtype = "REG_EXPAND_SZ"
ttl = "Result"
jobfunc = "Value: "
'write the registry key value.
WSHShell.RegWrite val, "1234567890", itemtype
rr = WSHShell.RegRead(val)
MyBox = MsgBox(jobfunc & rr, 4096, ttl)

This example disabled WIN+0 – WIN+9 keys. To disable other keys simply modify second RegWrite parameter.
For more technical info on windows hotkey codes see http://www.geoffchappell.com/notes/windows/shell/explorer/globalhotkeys.htm

Categories: how-to Tags:

windows – exporting non-exportable private key

April 5th, 2012 No comments

If you are trying to export windows certificate with private key, and windows export wizard provides no such possibility (export with private key is grayed out) because private key has been install as non-exportable (what is the default when importing, what almost nobody changes), there is a great tool mimikatz that makes this possible.

Download it from http://blog.gentilkiwi.com/mimikatz.

And follow this procedure:

  1. crypto::patchcapi (or crypto::patchcng if previous did not work)
  2. crypto::listKeys (or crypto::listCertificates) to list keys/certificates
  3. crypto::exportKeys (or crypto::exportCertificates) to export what you want

That’s all. Exported keys will be protected with password ‘mimikatz‘ – you will need to enter it when importing certificate again.

 

Categories: admin, how-to, security, time saver Tags:

solution: subversion not working under redmine

July 5th, 2011 No comments

If you have problem to use subversion under redmine, but svn command itself works ok, the problem might be in incorrect home directory configured for user which is running redmine (can be apache user, fcgi user id…etc). Incorrect here means home directory points to a file instead of directory (ie. /dev/null) . One can reproduce this with setting HOME to point to file.

Example:

$ HOME=/dev/null svn --version
svn: Can't open file '/dev/null/.subversion/servers': Not a directory
$ HOME=/dev/null svn --version --quiet
svn: Can't open file '/dev/null/.subversion/servers': Not a directory

Solution is pretty simple, just change user home directory configuration (via usermod) or set somehow $HOME variable of the redmine execution environment to point to some directory (ie. HOME=/var/empty).

This misbehavior has been reported as subversion defect.

Categories: admin, how-to, time saver Tags: