Third-Party Certificate for Subsonic on Linux

This is more a reminder-post for myself, than anything else, because every year my StartSSL-Certificate expires, I need to redo this and have to look it up anew. It is based on the basically excellent writeup at fatframe.com, which has a few tiny errors and does not include the info on how to use a non-standard password. (This info I got here at konkretor. Thanks!)

  1. Get a free certificate here.
  2. Once you receive your certificate you will need to combine the private key, server cert, and intermediate certs into one file. Simply open all three in a text editor and copy/paste everything into a new text file without any blank lines. I added mine in the following order:
    Private Key (myserver.key)
    Server Certificate (myserver.ssl)
    Intermediate Certificate (sub.class1.server.ca.pem)
  3. Save this text file as subsonic.crt. Do not mess this up as I did on the first try by using cat in the wrong way, as every new part should start at a new line.
  4. Next, convert the cert from PEM to PKCS12 format using the following command. Choose any password you like. In fact, do not choose the default password of „subsonic“. Memorize that password:
    openssl pkcs12 ‑in subsonic.crt ‑export ‑out subsonic.pkcs12
  5. Use Keytool to import this new keystore:
    keytool ‑importkeystore ‑srckeystore subsonic.pkcs12 ‑destkeystore subsonic.keystore ‑srcstoretype PKCS12 ‑srcalias 1 ‑destalias subsonic
  6. use zip to import the new keystore into the subsonic jar:
    sudo zip /usr/share/subsonic/subsonic-booter-jar-with-dependencies.jar subsonic.keystore
  7. Now tell subsonic the new non-generic password: 
    1. open the subsonic starter:
      sudo nano /usr/bin/subsonic
    2. insert a line with the new password and save, at line 113ish (press alt+c to see line numbers)
      -Dsubsonic.ssl.password=123456 \
  8. Restart subsonic, and enjoy your custom SSL certifcate:
    sudo service subsonic restart

That’s all Folks!

29. November 2014 playing 1 Kommentar zu Third-Party Certificate for Subsonic on Linux

My take on the shirtstorm…

Last week, science did awesome things. Or rather: Reaped the fruits of having done awesome things 10 years ago. We landed a spaceship on a comet and had it talk back to us. That is really, really awesome.

And during this event, the lead scientist did a sartorial booboo: He chose to wear a very boldly patterned shirt that was gifted to him by a good friend. And a shirtstorm occurred, as the „bold pattern“ actually consisted of provocatively half-naked women. Which is really a not very (socially) smart and sexist move.

Now, I highly doubt that Dr. Taylor is a sexist. He seems like a hoopy frood who knows where his towel is, with awesome tattoos and a great beard and hairdo. And the shirt in question was a gift, hand-made by a female friend. And he obviously has at least one foot in the rockabilly/burlesque scene, which is actually full of people who do know what feminism means and who fully support this.

All that makes him very probably (I don’t know him) a good person and not a misogynist asshole that objectifies women. But it still doesn’t make him socially smart in every way. Which is totally ok, not everyone is, nor needs to be. I’m not that socially smart either.

Still, in the context of presenting a major science success to a very diverse and international audience, wearing this shirt was a bad idea. Most of those who see it don’t get the rockabilly/burlesque background, they don’t know that it was a hand-made gift, they don’t know Dr. Taylor or how he usually behaves. They just see some bloke in a shirt full of nekkid ladies. And then jump to conclusions. So there’ll be folks who immediately think that „I wouldn’t wear this around ladies, so there can’t be any women in this project!“ or other dumb stuff.

And that is why it is still somehow important how we dress. I have tattoos. I love to wear „odd“ shirts. I play computer games and enjoy pen&paper roleplaying games. And heck, yes, I like New Burlesque and thus occasionally have saucy background pictures on my home computer desktop. I’m not ashamed of either of these things, and if asked, will tell you about them, often enthusiastically.

But I also know what sort of message appearances send, so I do dress for the occasion, be it a meeting with a client, going out for drinks with friends, having dinner with family or presenting awesome computer facts to a diverse audience. And I do know when to not draw attention to this or that facet of my interests, because I understand that they might detract from the message  I actually want to send.

And that is the actual tragedy of the #Shirtstorm, that the very exciting science suffered negative attention.

17. November 2014 thinking Keine Kommentare zu My take on the shirtstorm…

GateKeeper — first impressions

keychain-dongleEarly this year, I backed the GateKeeper — a small dongle that locks and unlocks my PC based on proximity. The general idea is that you clip a small bluetooth sender to your belt, and a dongle on your PC checks the signal strength to determine how close you are to it.

By now, the small black box has arrived, and I’ve done a bit of testing with it. The good news: It works.

The bad? It’s a bit fiddly. The USB dongle is, at least in my opinion, at the same time way too big and way too fragile looking. The dongle that you’re supposed to take with you is also not as tiny as hoped, although small enough. But my main gripe is with the usability.

Of course, the signal strength of a small bluetooth emitter will vary. If there are keys in the path between sender and receiver (likely, if you add it to your keychain), if you move, if other signals interfere — then you may suddenly find your computer locking up in the middle of your work. You can adjust the sensitivity, but then you may find that you can walk a bit too far for your liking before your computer gets locked.

usb-dongleAlso, the Android app appears to be still in quite a beta state, I didn’t find it very usable.

But this is just my first day of testing, and apart from that, things work quite nicely: My system locks when I leave it, and it unlocks when I come back, although sometimes with a slight delay. At the moment, I think it’s more of a convenience thing than a real security tool. If, for example, the USB dongle gets removed, or the software tool gets stopped, your computer won’t lock or unlock automatically anymore. And it does take a small leap of faith to just walk away from ones workstation, assuming/hoping that it’ll lock.

At roughly 50$, it sits exactly at that awkward price point where it is slightly too expensive for simple gimmickry while it is not that a security boon to those who are willing to spend that money (meaning: Big Companies).

8. Oktober 2014 playing, random Keine Kommentare zu GateKeeper — first impressions