With Chrome 57, StartCom StartSSL SSL Certificates are branded as “not trusted”

Yesterday chrome installed an update for us, bringing the newest stable version 57 to our computers.

Together with that update we experienced an unexpected change with one of our website endpoints: for one of our endpoints, the SSL certificate was marked by chrome as insecure and we received a warning about NET::ERR_CERT_AUTHORITY_INVALID

Naturally we suspected an expired certificate and continued to check, but were surprised to find that the cert was still active and valid until 2019, so there had to be another reason!

Indeed, the problem was not with our cert or server configuration, but instead with the release of the newest chrome version, specifically version 57. An announcement was made by google last year, warning users of WoSign & StartCom SSL certificates that chrome would stop including these issuers in their trusted list by version 56.

Actually it seems that this change did not make it in version 56, but instead was made active in version 57, which has been rolled out recently.

We already migrated the majority of our endpoints to safe and open certificates by https://letsencrypt.org/, but one was still running on our old StartCom certificates, so we migrated that endpoint as well, after which SSL would continue to run flawlessly.

For Azure Web Apps we use https://github.com/sjkp/letsencrypt-siteextension, and for Ubuntu Server, you can follow the easy steps illustrated at https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04

Continous integration for Ionic Apps

At gfnork we build applications for ionic. Putting the general discussion about hybrid apps and ionic aside, something that has traditionally been a pain in the *** for hybrid apps is the toolchain. The config.xml vs package.json confusion for cordova plugins will probably soon come to an end, but when we started developing ionic applications we were very surprised that while development itself was smooth sailing, the build toolchain was a thing that came straight from hell.

We spent days figuring out why in 50% of the cases, plugins would not install properly, or looked like they would install properly, but finally wouldnt work on real devices, why XCode would not allow us to build the solution or how to put important parameters in the AndroidManifest.xml automatically.

Fortunately, today a bunch of very good solutions exist to ensure that you don’t have to go beserk when handling deployment, and one essential part of this are continous integration & deployment tools.

For this post we looked into the oldschool contester Jenkins CI, Adobe Phonegap Build and a tool we recently discovered, GreenhouseCI.

Continue reading

Will AI troll us? Patrick tells you all about it!

Everyone’s favorite developer at gfnork, Patrick, has given a talk at FrankfurtJS, a meetup for Javascript developers in Frankfurt.

The talk starts with AI Anxiety, a concept describing the menace of machines taking control over the world.

This topic became widely popular, when Elon Musk, Stephen Hawking and Bill Gates funded an institution, which aims to find a solution for this problem.

Then this topic is  connected with two other topics, which seem to be irrelevant for real life, the Fermi Paradox and the Simulation Argument.

Check out the complete talk here:

How to import qcow2 images to ovirt

Today I was tasked with importing multiple VMs for which I received qcow2 images and libvirt XML files to ovirt.

Oh the joy!

Ovirt doesn’t offer a lot of good possibilities to import VM images in the UI, (I haven’t played around with glance yet) but fortunately there are working tools outside to make the job easier for you.

There are multiple strategies for VM image import, one of which includes creating a dummy virtual machine and disk in ovirt and replacing the disk image manually through NFS. Unfortunately that involves a lot of hacking around, consumes a lot of time, and isn’t really working well if you have a deployment that has storage based on iSCSI like I do.

Fortunately there is a better way, that involves creating an export domain for your data center and using CLI scripts to convert and deploy your VM images to said export domain, after which they can be easily imported via the ovirt engine UI.

A brilliant CLI script that just works is import-to-ovirt.pl and has been developed by Richard W.M. Jones and is available through his website with a short description on how to use it:
https://rwmj.wordpress.com/2015/09/18/importing-kvm-guests-to-ovirt-or-rhev/
http://git.annexia.org/?p=import-to-ovirt.git

I felt compelled to write a couple of lines of all the steps I did to succesfully import a VM image though, because I haven’t seen a step-by-step tutorial for this so far.

 

Step 1: Create an export domain – that involves creating a NFS storage somewhere accessible by your data center hosts and afterwards creating an export domain on it via the UI.

Click Storage -> New Domain -> Select Export on the Domain function combobox -> Set Export Path to the NFS share URL -> provide a name for the export domain -> and hit OK.

Step 2: Put your qcow2 images on a host that is able to access the export domain you just created and download the import-to-ovirt.pl script. In order to run the script you will need to install perl and some dependencies: perl-XML-Writer and perl-Sys-Guestfs. In my case, “yum install perl-XML-Writer perl-Sys-Guestfs” did the trick.

Step 3: Type this in your CLI and hit enter: “export LIBGUESTFS_BACKEND=direct” it apparently tells the script or some component used by the script to not go through libvirt in order to perform the image conversion, but to do it directly instead (I didnt completely understand that part, so please correct me if I’m wrong). If you omit this part, the conversion will not work! I tried it without the line above, but it would always prompt me for libvirt credentials, and even after entering them correctly, would provide weird error messages and ultimately failed.

Step 4: Convert the VM image and write it to the export domain with “./import-to-ovirt.pl vmImage.qcow2 ovirt-nfs.ovirt.lab:/export” The manpage of import-to-ovirt.pl says that its able to import .img files from KVM, but it also supports .qcow2 which is great since I usually get images in qcow2 format. After entering this, the script should get going and show something like this in the end:

Importing Ubuntu 14.04.3 LTS to ovirt-nfs.ovirt.lab:/export...
Copying vmImage.qcow2 ...
(100.00/100%)
Creating OVF metadata ...

OVF written to /tmp/2Y_3TpKZ4P/d10982a7-6647-42aa-b6c8-0a3d4ac20c69/master/vms/2670470f-e28b-4caf-8a73-7be9900ebf3e/2670470f-e28b-4caf-8a73-7be9900ebf3e.ovf

Import finished without errors. Now go to the Storage tab ->
Export Storage Domain -> VM Import, and import the guest.

Step 5: Importing the VM is done via the UI and very easy. Navigate to Storage -> click on your export domain -> Click on the VM Import tab -> Select the VM you just imported and hit import. Now you just have to customize the VMs according to your needs and set up the network interfaces and you’re ready to go!

 

Thanks a lot to Richard W.M. Jones, who really saved a lot of my time with that script.

Temperature controlling with Raspberry PI over a webserver on nodejs and angular

I have been tinkering around from time to time with heat regulation. In the past, I decided it might be a good idea to go with a RDT (Pt100) as a sensor. Mainly because my father had one lying around and it can be used in various environments. These platin sensors also work in very hot ovens as well as very humid places. In opposite to K-type sensors these cannot be as easily read out and need some electronic. So I took the device my father build back when he studied for his diploma thesis, it has an oldschool red LED displaying the temperature and I managed to “hack” it, so that it could be read out with an Arduino.


The old Arduino with breakout board
Continue reading

Microsoft Student Partners XMAS hackathon Darmstadt

Hallo zusammen! Wir veranstalten diesen Samstag kurzfristig einen Hackathon zusammen mit den Microsoft Student Partners in Darmstadt. Diesmal gibt es kostenloses Essen und Getränke für alle Teilnehmer. Als Extra verlosen wir außerdem ein Nokia Lumia Smartphone für die beste gebaute App! (Vielen Dank an die Microsoft Student Partners für die Bereitstellung von Preis, Essen & Trinken)

Das Thema ist diesmal Cross Platform Mobile App Entwicklung mit Visual Studio und Cordova.

Am Vormittag gehen wir durch die Grundlagen der App Entwicklung mit Cordova und Visual Studio, mit ein paar Grundlagen zu JavaScript, AngularJS und beliebten UI Frameworks. Am Ende seid ihr in der Lage eine einfache Applikation zu programmieren die auf Windows Phone, Android & IOS läuft.

Ebenfalls freuen wir uns darüber ankündigen zu können dass unser Designer Marcus Lüttgau (hfg Offenbach) einen kurzen Vortrag über Design Prinzipien der App Entwicklung halten wird, in dem erläutert wird wie Techies ihre Apps benutzerfreundlicher und ansprechender machen können.

Am Nachmittag starten wir den Hackathon und lassen euch eure eigenen Anwendungen entwickeln. Keine Sorge, falls Fragen aufkommen sind wir da um euch zu unterstützen!

Wann? Samstag, 29. November 2014,
Wo? TU Darmstadt, S2|07 / 53
Was? cross-platform mobile development mit Visual Studio and Cordova

Hier registrieren

Event auf facebook

/////////////////////////////////////////////

Hey everbody! We will be hosting a short-notice hackathon this week on saturday in Darmstadt, together with the Microsoft Student Partners Program and this time free food and drinks will be provided for everybody, plus a prize for the best application built during the hackathon: a Nokia Lumia Smartphone! (Thanks to the Microsoft Student Partners Program for providing the prize, drinks and food)

The topic will be cross-platform mobile development with Visual Studio and Cordova. Before noon we will go through the basics of app development with Cordova & Visual Studio, providing a brief introduction to JavaScript, AngularJS & some popular UI frameworks, after which you will be able to develop simple applications that can run on Windows Phone, Android & IOS.

We are also happy to announce that our designer Marcus Lüttgau (hfg Offenbach) will have a short talk about app development design principles and how techies can make their application look & feel nicely to users.

In the afternoon we will start the hackathon and let you develop your own applications. Don’t worry, we’ll be there to support you if you run into issues!

When? Saturday, 29th November 2014
Where? TU Darmstadt, room S2|07 / 53
What? cross-platform mobile development with Visual Studio and Cordova

Register here

Event on facebook