Archive for September, 2014

Unable to locally verify the issuer’s authority (Verisign) problem with Nginx

In some browsers like konqueror and old firefox verions we were getting this problem.

                          Unable to locally verify the issuer’s authority

To solve this you must use an intermediate certificate, to download this intermediate certificate you must contatct your provider, in our case was Verising https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR1735 

Inspect your certificate to check the version you are using.

With this new cwertificate in hands create a “bundle” certificate; cat your_domain_certificate.crt intermediate_certifica.crt >> bundle.crt .

Configure your nginx with this new certificate

# SSL configuration
ssl on;
ssl_certificate /PATH/bundle.crt;
ssl_certificate_key /PATH/server_valid.key;
ssl_session_timeout 30m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
 

Leave a comment

Setting linux serial to display more columns and rows

stty cols 410 rows 52

 

Leave a comment

NodeJS socket problem FIN_WAIT1 FIN_WAIT2 CLOSE_WAIT

We were facing some problems with NodeJs when handling sockets and file descriptors.

Fortunately we applied this patch and the problem is gone

https://github.com/soplwang/node-ka-patch

/* Copyright (c) 2013 Wang Wenlin. See LICENSE for more information */
;(function () {
var TCP = process.binding('tcp_wrap').TCP
, _setKeepAlive = TCP.prototype.setKeepAlive
, _shutdown = TCP.prototype.shutdown;
TCP.prototype.setKeepAlive = function (enable) {
var r = _setKeepAlive.apply(this, arguments);
this._ka = enable;
return r;
};
TCP.prototype.shutdown = function () {
var r = _shutdown.apply(this, arguments);
if (r && !this._ka)
_setKeepAlive.call(this, true, 150); // 150 sec
return r;
};
})();

And this patch

https://github.com/kejyun/socket.io/commit/8d6c02a477d365f019530b4ec992420dfb90eb09

Leave a comment