No access to *.dev sites

I’ve been having an odd issue for a couple of months. When accessing sites having a .dev domain (like most recently, I my browsers have given me warnings and as many had HSTS-headers, not allowed me to visit the site.

It seemed like a strange error, and I’ve tried to remember if I’ve set up some proxy or VPN connection, that could cause this issue. A few times I’ve asked others on the net if they had issues – which was not the case – and I’ve tried using a web proxy, and everything worked. Yet no matter which browser I used it didn’t work.

I did try to see if it might be a DNS issue (in the local /etc/hosts file) or anywhere else, but no luck.

Today the issue was finally solved. Examing the certificate by clicking the “Not secure” in the address bar, the certificate turned out to be a certificate (as in “*.dev”), and that eventually provided the clue I needed.

Apparently at some point – long before the dot dev (.dev) domain existed as an actual valid domain namespace, I setup *.dev as a local development namespace – and created a self-signed certificate to allow HTTPS-based development environment for my local domains.

I had long since removed the /etc/hosts entry which sent all *.dev names to localhost but wasn’t aware for the self-signed certificate and it lingered on for years. As most modern sites now use HSTS headers, this caused an issue and I was finally able to identify the issue, launch “keychain access” on my iMac and delete the self-signed certificate which was used for all *.dev sites.

Updating Viscocity certificates (on mac osx)

When using Viscocity to connect to a corporate network or any other openVPN server, you’re probably using certificates with a reasonable lifetime, but sometimes the certificate expire and needs be updated. Replacing the certificate files through the Viscocity interface is quite easy – just edit the connection and replace the certificate files in the appropriate tab.

There is however another little trick, which may need to be applied before the new certificates work. Viscocity offers to save the certificate password in the Keychain and I choose to use this feature, which caused a bit of trouble when updating the certificate. While it ought to – Viscocity does not – clear the password, when the certificate is changed, so to get prompted you need to go into the Keychain access tool and delete the stored password.

Look for an entry looking something like the highlighted line below and delete the occurrence.
Screen Shot 2014-09-09 at 23.04.07


Connection debugging tip

Viscocity provides a detailed log, which makes it much easier to debug connection issues. In the OSX Menu bar, right click the Viscocity icon, then choose “Details”. This opens a details window where a the button bar. The button to the right allows you to see a fairly detailed log of what Viscocity is doing, and provides clues on what to fix. In the screenshot below, it’s a wrong certificate password issue (“private-key-password-failure”).


ftp on OSX Lion

While it really isn’t secure at any measure, ftp is a very useful way of moving files around. Apple’s OSX have a build-in basic ftp server, but in Lion (version 10.7) the user interface seems to have disappeared from the User interface. The servers is still available under the hood if you need it.

To enable the ftp-server (the availability) enter this command in a terminal window:

sudo launchctl load -w /System/Library/LaunchDaemons/ftp.plist

From then on use this command to enable the ftp-server:

sudo launchctl start

and youse this command to stop the ftp-server:

sudo launchctl stop

To remove (the availability) of the ftp-server issue this command:

sudo launchctl unload /System/Library/LaunchDaemons/ftp.plist
  • If you need the ftp-server from time to time, you should probably not remove it, but just stop it, when it’s not being used.
  • If you often need an ftp-server you should probably look at a more full-featured ftp-server (such as pure ftpd).

Looking forward – looking back

There are some fundamental differences in how Microsoft and Apple does things. If you haven’t been aware of them before switching from a Windows based computer to a Mac, you’ll probably notice some of them pretty fast.

One of the first things I discovered is that things are more “binary” in the Mac world. If you have an external device it either works with the Mac or it doesn’t. There isn’t that middle ground from the windows world where it almost works, but not quite – or worse it works in even week numbers but not when the sun shine.

Another thing I fear I’ll discover after the next Apple World Wide Developer Conference is their will to leave things behind. Microsoft has an impressive – maybe even amazing – record of backwards compatibility. Almost no matter how they move forward, they never really break anything backwards. Apple on the other hand is pretty hard on legacy – if you can’t keep up, you’re left behind. They were among the first to drop the disk drive, and they been much more efficient in moving their user base to the current version of their OSX (not quite like Microsoft, which seem to have a hard time getting their users on to Vista).
I’m afraid they’ll announce that the next version of OS X – the 10.6 – is Intel-only – leaving my PowerG5 behind. It doesn’t feel like an old nor slow machine, but once Apple decided it’s too old – it really doesn’t matter – and I better start saving some cash for a new Mac.

MacBook Air – fair criticism?

Earlier this week Apple introduced a new line in their laptop lineup – the MacBook Air. On the web there’s been a number of people criticizing the MacBook Air, and frankly I really don’t get why they need to have every Apple product be a perfect match for them – they aren’t and they’re not supposed to be.

“Top 10 Flaws of the Macbook Air”

Let me add a few comments to some of the points on one of the lists criticizing the Macbook Air:

  1. Battery not user Replaceable
    No it isn’t, but how often do you need that? I’ve never had to replace a battery dispite using laptops for 10+ years. Sure you should be able to, but you can’t – so be it.
  2. No Optical Drive
    Several laptops from other vendors doesn’t have a built in optical drives. It’s not a flaw it’s a feature. Use the external if/when you need it.
  3. Mono Speakers
    Who uses the build-in speakers? I always either using headphones or external speakers. When I do use the build-in speakers it doesn’t matters it’s mono.
  4. Fixed RAM and Slow Processor
    Sure replaceable/upgradeable RAM would be nice, but for most common uses 2 Gb RAM should be sufficient for the expected lifetime of the machine.
    The Core2 Duo 1.6Ghz is probably fast enough for most average uses. It’s not for Photoshop, heavy Video editing, but it’ll run, Safari, iWork and iLife just fine.
  5. Single Link DVI Output
    If you need to have several screens attached to the laptop (or need to power a 30” display) the Macbook Air probably isn’t for you. You’re probably a Pro user, who should look at the Macbook Pro (as the name suggest).

Why the Macbook Air might be just perfect

I’ve been recommending ShuttlePCs for friends and family for the past year, and usually that they buy a reasonable configuration, and use the machine for as long as it suits their needs – then replace it. When it seems slow, lacks hard disk space or what ever – don’t bother with upgrades, spend the money on a new machine.

I’m sure geeks find it amazing to replace memory, hard disk and other upgradable parts, but most computer users these days don’t. They think of their computer just like their car – if you aren’t a mechanic, don’t mess under the hood – you’ll probably do more damage than good.

The MacBook Air isn’t for everyone, but it’s a wonderful machine for many common computer users, and probably not for geeks (that’s why they have the MacBook Pro, remember).

I personally doesn’t give a damn, that the Air doesn’t have an optical drive – I might use the optical drive in my PowerMac twice a year, and using an external drive (or a hosted drive on an other computer) will work just fine for me, thank you.

I might have a problem with the hard disk options, but with a huge digital data collection (photos, music, video and others) I’m already looking into network drives – and with 2+ GB USB pendrives, I can easily place the data on a pendrive and bring them with me.

I really like the weight and the general form factors, and while it may not be the perfect primary computer for all, I’m sure many will be quite satisfied with it – even as their primary computer.

iPod reactions from the past

Web archives and the IT-business has always been a fun combination. Some sites with great expectations crash and burn fast – while other underdogs seem to make it quite well. Predictions and initial expectations seems to be just as bad no matter if it’s hardware, software or devices… Take these iPod comments from the initial launch as a great example, that you really shouldn’t try too hard to predict that future of IT too stubbornly.