Automated Let’s Encrypt DNS challenges with Rackspace Cloud DNS

Let’s Encrypt has taken the world by storm by providing free SSL certificates that can be renewed via automated methods. They have issued over 1.4 million certificates since launch in the fall of 2015. If you are not familiar with how Let’s Encrypt operates, here is an extremely simple explanation: Create a private key Make a request for a new certificate Complete the challenge process You have a certificate! That is highly simplified, but there is plenty of detail available on how the whole system works.
Read more →

Woot! Eight years of my blog

Read more →

Apache’s mod_proxy, mod_ssl, and BitTorrent Sync

BitTorrent Sync allows you to keep files synchronized between multiple computers or mobile devices. It’s a handy way to do backups, share files with friends, or automate the movement of data from device to device. It comes with a web frontend, called the Web UI, that allows for connections over HTTP or HTTPS. Using HTTP across the internet to administer Sync seems totally absurd, so I decided to enable HTTPS. I quickly realized two things:
Read more →

Survive the Google Reader exodus with Tiny Tiny RSS

It’s no secret that Google Reader is a popular way to keep up with your RSS feeds, but it’s getting shelved later this year. Most folks suggested Feedly as a replacement but I found the UI quite clunky in a browser and on Android devices. Then someone suggested Tiny Tiny RSS. I couldn’t learn more about it on the day Google Reader’s shutdown was announced because the site was slammed. In a nutshell, Tiny Tiny RSS is a well-written web UI for managing feeds and a handy API for using it with mobile applications.
Read more →

Using OpenSSL’s s_client command with web servers using Server Name Indication (SNI)

One of the handiest tools in the OpenSSL toolbox is s_client. You can quickly view lots of details about the SSL certificates installed on a particular server and diagnose problems. For example, use this command to look at Google’s SSL certificates: openssl s_client -connect encrypted.google.com:443 You’ll see the chain of certificates back to the original certificate authority where Google bought its certificate at the top, a copy of their SSL certificate in plain text in the middle, and a bunch of session-related information at the bottom.
Read more →