Tag Archives: SSL

Weak Certificates

Posted on by
Reply

I’ve got an odd little problem at work. I’ve got a Ricoh copier in the Traverse City office that I apparently now can no longer manage remotely due to an error in SSL. The error that Firefox throws is ssl_error_weak_server_cert_key and in Google Chrome it’s ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY. In both situations I understand what the issue is, that the SSL layer is weak because the Diffie-Hellman key is not big enough.

I’ve run into this issue before, mostly with self-signed certs and the browsers have usually allowed me to click on an exception and get on with my day. Except for Firefox and Chrome now, that is no longer the case. The browsers just refuse to display the webpage. I understand the logic behind it, everyone wants a more secure web, but sometimes what we are really after isn’t privacy or security, but rather just getting our work done.

I still need to connect to this copier and manage it, and frankly my dear, I don’t really care that much that the transactions be secure. In a way, this security is irrelevant. The traffic on our WAN is flowing over a Meraki VPN site-to-site link, so it’s already secure. This is security on top of security, and it’s in the way.

So I thought about using the awful Internet Explorer for this and I chafe at even considering using one more wretched bit of Microsoft technology – there has to be a better solution. So when you run into little bits like this the best way forward is to pursue my favorite solution, heterogenous computing! There’s more than one way to get what you are after. So if Firefox and Chrome won’t work, and Internet Explorer is unthinkable, how about Opera?

So I downloaded Opera and installed it. Then browsed to my copier in Traverse City. Opera told me about the error, but it also provided me with an exception button and then once I clicked that, the error was bypassed and my copiers remote management screen appeared.

So now I’ll add Opera to all the other browsers I have on my computers. The answer is competition. I wonder sometimes if there isn’t a special browser out there for IT type people like me. They’ll render anything, ignore any “privacy or security” type errors, all so people like me can get our jobs done. For now, Opera seems to lead the pack, at least for this. Thank you Opera!

Jetpack Failure

Posted on by
1

I recently upgraded my installation of Jetpack for WordPress.org on my blog here and right after I did that the damn thing stopped working. Verison 2.2 with WordPress 3.5.1. Everything should be 5×5 but it isn’t. I’ve contacted Jetpack support and I’m waiting to hear from them what my next steps should be but I figured it made sense to blog about this since it touches on WordPress and well, here we are.

The first thing I did was disconnect my Jetpack from WordPress.com, that went very easy. Then I tried to re-engage with WordPress.com and got an SSL timeout error. I then went onto Google and found a bunch of others who were having this problem. After I engaged with the Jetpack support people they asked me to run the a href=http://plugins.svn.wordpress.org/jetpack/branches/jetpack-compatibility-test.zip target=_blankJetpack Compatibility Test plugin/a. I did that, it generated content and I sent it off for analysis.

So I don’t have Jetpack running and I leaned back and wondered if things would be so bad without it. I mean, if an update breaks it perhaps it’s not meant to be used. So, if there is a solution, that’s fine and dandy, and if there isn’t, living without Jetpack is also fine and dandy.

I’ll be updating this post with new details as they unfold. What’s really irking is Jetpack worked for a long long time up until the last update, then poof.

strongUPDATE/strong: I tried to connect to WordPress on a lark and it worked. So, if the Jetpack support fellows did something, then thank you guys for your help!

**UPDATE 2**: Just when you thought it was safe to go back in the water, the post-by-email bit of Jetpack doesn’t seem to like me. Sent several messages and nothing posted to the blog. Perhaps a sneaky firewall issue, or gnomes. 😉