Are you having trouble with SSL on El Capitan (OS X 10.11)?
Here are the things I know about it right now:
- OS X’s OpenSSL is ancient (0.9.8-ish).
SecureTransport (OS X’s replacement for OpenSSL) may fall back to using OpenSSL if the environment variable
SSL_CERT_FILE is set.
- Lots of places are “cross-signing” their intermediate certs to upgrade from SHA-1 to SHA-2 for security reasons.
- OS X’s OpenSSL cannot handle the intermediate cross-signing and report that it cannot verify certificates. SecureTransport handles this just fine.
- HomeBrew applications usually don’t support SecureTransport and instead use HomeBrew’s OpenSSL.
/usr/bin/curl uses SecureTransport directly, unless you set
SSL_CERT_FILE (see above).
I found myself trying to figure out how to disable something called NeoComplete (previously known as NeoComplCache) when editing markdown in Vim.
It was colliding with my Markdown stuff pretty badly and had really bad suggestions anyway (I mean, I’m writing text, not code… so no surprise) and I was getting annoyed of turning it off by hand.
Someone emailed me with this question:
I am interested in learning different orchestration mechanisms and would like
to understand how they differ.
What are the differences between Chef, Puppet, Heat/HOT, Juju, and Docker?
When using test-kitchen it may be necessary to set the
environment of your nodes.
You can do with by changing your
.kitchen.yml file. In my example, I’ll show
it at the root, but they can be set on a per-suite level as well, which is
handy to test different environments.
This is just a bit of code I wanted to save.
When using HEREDOCs in Ruby, the
<<- operator is handy to keep everything indented in the source. But it doesn’t help with the content of the HEREDOC.
In Chef the
node_name is for human usage. By default it is set to the
fqdn. Which is annoying for typing.
In my network, all hosts have the same domain name. However, we
knife bootstraped the system without setting the node name (e.g. the
I don’t like to write programs in
bash. It’s not a
very pretty language. But it has one advantage over a lot of other
It’s on your system. Every Unix-like system has
Ubuntu, and even OS X.
The Chrome browser caches HTTP 301 permanent redirects very aggressively. This is normally a good thing, unless you’re the one setting up the 301 and you make a mistake…
There is no obvious place in chrome to refresh that cache, but there is a nifty trick.
Go to the URL:
This causes Chrome to recheck the page and will update any cached 301 rules.
Ciao! Continue reading
I wrote a simple one-page web application called 40days. It shows you what the date is for 40 days in the future. I say “simple” but really, simple isn’t easy. It never is.
I wrote 40days because my orthodontist would schedule my appointments 40 days apart and it was a hassle for me and secretary to figure out exactly what date that was.
It’s written with coffeescript and scss and is licensed under the MIT LICENSE.
This actually was harder than I thought. I created a really crappy-but-works version quickly. But I always forget that polishing things is so hard.
Will Norris posted a blog post titled All https, all the time.
It’s a good article and I recommend you read it.
docwhat.org is now only using https.