SSL upgrades on rubygems and RubyInstaller versions


‘unable to download … ssl error’ .. You get this error when trying to pull updates from ruby gems.

This is a brief explanation of the problem and the workaround.

Background

For those who are not familiar with SSL and certificates, there are many parts that make secure serving of content possible.

SSL certificates are used on the website, which are obtained from a certificate authority (CA) and generated from a private key, along with its respective signature.

Normally and up until a few months ago, private key signatures used SHA-1 as way to provide a digest (or checksum) of the private key without distributing the key itself (remember, needs to remain private).

SHA-1 has been encountered weak and lot of web servers and sites have been upgrading towards SHA-2 (specifically SHA256 or higher) in order to prepare for the browsers changes.

Specific problem with RubyGems

The particular case of RubyGems (the command line tool) is that it requires to bundle inside of its code the trust certificates, which allow RubyGems to establish a connection with the servers even when base operating system is unable to verify the identity of them.

Up until a few months ago, this certificate was provided by one CA, but newer certificate is provided by a different one.

Because of this, existing installations of RubyGems would have to been updated before the switch of the certificate and give enough time for the change to spread (and people to update).

As what normally happens with software, things might get out of sync and coordinate such effort, to the size and usage of rubygems.org is almost impossible.

We had discussed also on IRC, and patches and backports were provided to all major branches of RubyGems: 1.8, 2.0, 2.2 and 2.4

You can find the commits associated with these changes here:

Problem is, only RubyGems 2.4.4 got released, leaving Ruby installation with 1.8, 2.0 and 2.2 in a broken state.

Specially since RubyGems 2.4 is broken on Windows.

Please understand this could happen to anyone. Release multiple versions of any software in a short span of time and be very time sensitive is highly complicated.

Even if we have official releases of any of the versions that correct the issue, it will not be possible install those via RubyGems (chicken-egg problem described before).

Once official releases are out, installation might be simpler. In the meantime, please proceed using the instructions described below.

Installing using update packages (NEW)

Now that RubyGems 1.8.x, 2.0.x and 2.2.x have been released, you can manually update to those versions.

First, download the proper version of RubyGems for your installation (eg. if running version 1.8.28, download 1.8.30).

Note: To find the version of RubyGems you’re using, please run gem --version in the command line.

You can find download links at GitHub under Releases.

Now, locate rubygems-update-X.Y.Z.gem where X.Y.Z will be the matching version for the version of RubyGems you need to update:

  • Running 1.8.x: download 1.8.30
  • Running 2.0.x: donwload 2.0.15
  • Running 2.2.x: download 2.2.3

Please download the file in a directory that you can later point to (eg. the root of your harddrive C:\)

Now, using your Command Prompt:

C:\>gem install --local C:\rubygems-update-1.8.30.gem
C:\>update_rubygems --no-ri --no-rdoc

After this, gem --version should report the new update version.

You can now salefy uninstall rubygems-update gem:

C:\>gem uninstall rubygems-update -x
Removing update_rubygems
Successfully uninstalled rubygems-update-2.2.3

Manual solution to SSL issue

If you have read the above detail that describe the issue, thank you.

Now, you want to manually fix the issue with your installation.

Steps are simple:

  • Step 1: Obtain the new trust certificate
  • Step 2: Locate RubyGems certificate directory in your installation
  • Step 3: Copy new trust certificate
  • Step 4: Profit

Step 1: Obtain the new trust certificate

If you’ve read the previous sections, you will know what this means (and shame on you if you have not).

We need to download AddTrustExternalCARoot-2048.pem.

Use the above link and place/save this file somewhere you can later find easily (eg. your Desktop).

IMPORTANT: File must have .pem as extension. Browsers like Chrome will try to save it as plain text file. Ensure you change the filename to have .pem in it after you have downloaded it.

Step 2: Locate RubyGems certificate directory in your installation

In order for us copy this file, we need to know where to put it.

Depending on where you installed Ruby, the directory will be different.

Take for example the default installation of Ruby 2.1.5, placed in C:\Ruby21

Open a Command Prompt and type in:

C:\>gem which rubygems
C:/Ruby21/lib/ruby/2.1.0/rubygems.rb

Now, let’s locate that directory. From within the same window, enter the path part up to the file extension, but using backslashes instead:

C:\>start C:\Ruby21\lib\ruby\2.1.0\rubygems

This will open a Explorer window inside the directory we indicated.

Step 3: Copy new trust certificate

Now, locate ssl_certs directory and copy the .pem file we obtained from previous step inside.

It will be listed with other files like GeoTrustGlobalCA.pem.

You should be able to install Ruby gems without issues now.

Design meets creativity


Usually when you come across websites and i’m talking about those good websites … they usually have some similarities. edgy features but not edgy enough, catchy and well balanced flow of colours, elligibility and appealing graphics.

However i came across this site and it deserves a special mention. I believe its shows what one can achieve once they attain true mastery. Whoever said building a website ain’t art, is gonna bite their tongue when they see this:

http://chilicongraphic.com/

Whats your take?

Back to the Basics


From time to time you have to go back from whence you came inorder to get perspective to where you are going. And with all these recent developments in web standard technologies, its useful to do this so as to stay in the current. for example, knowing the deprecated elements such as font , bgcolor, since the introduction of HTML5.

Since being relevant in the future is our main aim, i decided to focus on what i think is core to web development and that is dynamic content. Hence the debate JQuery and Javascript. Which is better? which is more dynamic and which is more relevant in the future.

What is JavaScript?

JavaScript is a scripting language that was designed for use within a web browser. Typically, JavaScript is used for interface interactions. Slideshows and other interactive components are typically done using JavaScript.

JavaScript has many other uses as well. If you are familiar with using the Google email client Gmail, you have experienced the power of JavaScript firsthand. Many of the additional features and functionalities that make Gmail such a popular email solution are created using JavaScript.

The uses of JavaScript don’t stop there, however. JavaScript has also been used for server-side programming, game development, and even creating desktop applications.

Years ago, JavaScript was popular but web developers were not entirely sold on the idea of using it simply because every web browser would render JavaScript content in a different manner. Newer standards now force all web browsers to implement JavaScript uniformly; saving developers time and frustration trying to debug code for a specific web browsing client.

Dynamic content is the hot topic in web development right now. Dynamic content refers to content that constantly changes and adapts to specific users whenever possible. For example, JavaScript can be used to determine if a website visitor is using a computer or a mobile device before deciding whether or not to render the mobile version of the website. It’s these small things behind the scenes that create genuine value in using JavaScript to create dynamic web pages.

What is jQuery?

Before jQuery was developed, web developers created their own custom frameworks in JavaScript. This allowed them to work around specific bugs without wasting time debugging common features. This led to groups of developers creating JavaScript libraries that were open source and free to use.

JQuery is simply a specific library of JavaScript code. There are many other JavaScript code libraries such as MooTools, but jQuery has become the most popular because it is so easy to use and extremely powerful.

While many web developers confuse JavaScript and jQuery as two separate programming languages, it is important for you to realize that they are both JavaScript. The difference is that jQuery has been optimized to perform many common scripting functions and it does so while using fewer lines of code.

So Which One Should You Use?

Professional web developers spend a lot of time debating whether JavaScript or jQuery is appropriate in a given situation. The truth is that there is no correct answer. Either option can be used to create the exact same effects, but often jQuery can do it with fewer lines of code.

As a general rule, jQuery is sufficient for most web development projects. There will be some projects that require traditional JavaScript; however, these are few and far between as of late. Although jQuery maybe the better choice in most scenarios, as a novice web developer you should still take the time to learn both JavaScript and jQuery.

Although using JavaScript exclusively can slow down project completion time significantly, it’s important to realize how JavaScript works and how it affects the Document Object Model (DOM).

Remember that the biggest difference between jQuery and JavaScript is that jQuery has been optimized to work with a variety of browsers automatically. Unfortunately, JavaScript still has some issues with cross-browser compatibility due to poor JavaScript implementation practices on the part of web browser developers.

To see this difference in action, consider the following example that is designed to change the background color of a body tag using jQuery and JavaScript respectively:

jQuery

$ (‘body’) .css (‘background’, ‘#ccc’);

JavaScript

Function changeBachground(color) {

        Document.body.style.background = color;

}

Onload=”changeBackground (‘red’);”

Can you see how in a large, complex web development project it makes more sense to use jQuery? A single line of code accomplishes what it takes four lines of code to accomplish in JavaScript and this doesn’t even account for the extra time you might spend debugging this short piece of code to work across popular web browsers including Internet Explorer, Firefox, Chrome, and Safari.

Is jQuery the answer to all of your scripting needs? For most projects – yes. For those few projects that require the specific functions only available in traditional JavaScript, you can quickly adapt your style to include JavaScript code when needed.

Remember that although 99% of your web development projects will work perfectly fine using jQuery, there will be a small percentage that does require JavaScript. As a result, it would be wise to study both so you can transition between the two as needed to provide a better web development service to your clients.

Adding/Finding the Databases window in Adobe CC


i’m recently updating my jutsu in adobe and i was suprised when i couldnt locate the databases window in my Dreamweaver CC.

These are the steps i followed: (Assuming you have Dreamweaver CC installed)

-Download Adobe Extension Manager(You’ll have to have an adobe login or create one)

https://www.adobe.com/exchange/em_download/

-Install and run the Extension Manager and under the File tab. Click on install.

-Navigate to this directory and install:

C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Configuration\DisabledFeatures

you’ll find this file:

-Deprecated Panel

install and under the windows tab in Dreamweaver. you’ll find the Databases option

Red


As it fast approaches, hearts beat faster, anxiety levels reach critical points .. tongues go wagging as others go numb. This is what the dreaded 14th brings .. but i recently read something that sort of set the mood and it would be mean not to share .. so lemme give you a sample and you be the judge…

its titled KNICKERS!

There comes a point in a man’s life when he has to remove a woman’s knicker. It’s inevitable. It’s a point of gravitas. It’s a definitive point. It’s the icing of a flirt. It’s the last horn blown to the game of attraction. It’s the last stanza to the love song. A cul-de-sac of the road trod by lovers. Whatever rings your bell.

A woman’s knicker is a cloak that enshrouds her respect. A woman’s knicker is a metaphor of preservation. And because a woman’s knicker is indeed the custodian of her womanhood, it then becomes a symbol of power. A symbol of her power. And for a man to fully be conscious of this power he has to be in that frame where he appreciates the woman’s worth. He has to acknowledge her potential, her insurmountable role. And that’s why men don’t remove prostitute’s knickers…if they wear any.

I lost my virginity in my early teens. I lost it at the back of an old blue Volkswagen Beetle. A little hot contraption with bald tires. She was older. I was wet behind the ears but very enthusiastic and eager as only a 17yr old faced with the prospect of a lifetime can be. She dragged me into this car that sat behind their house, and there she had her way with me. Not that I resisted!

But I didn’t have the pleasure of removing her knickers.

I felt short changed because to fully appreciate a woman’s nakedness you have to remove her knicker. The process of removing a woman’s knickers is sacred. It’s poignant than the first kiss because it’s an endorsement of sort, an endorsement of you as the man of the moment. The very action of removing a woman’s knicker is a powerful moment, an avatar of supremacy. The very exploit of removing her knicker is defining to the moment as it is for the man. It says – rather childishly because indeed aren’t we all children gentlemen? – that we have triumphed. But largely it means success, and success is a tongue that men seek to learn and muster.

Here is an irony: Whilst men might feel like removing a woman’s knicker is a fruition of their own sly effort, the truth is a tad shocking. The sobering truth is that it’s not us who remove women’s knickers; it’s the woman who “removes” her own knicker. In essence, no woman lets you remove her knicker if she isn’t ready for you. She dictates when you remove her knicker and she dictates where you remove her knicker. Hell, she even dictates which knicker you remove. The true power still remains with her.

But still, it’s a moment of beauty to pull down the woman’s knicker, you know? Yank it over her legs and toss it away because for that moment, that moment when she lies there without her knicker she becomes helplessly yours. The moment becomes more than just about sex. It’s naked power to finally expose the real woman because a woman without her knicker is not the same anymore. She can never be the same anymore because her nakedness was her veil of intrigue, and now that that cloak hangs from the lampshade she becomes bare, stripped down to her elements. She becomes vulnerable in your eyes. And she becomes truly yours for the few hours after the departure of the knicker…or for the next one minute for some men.  I’m just saying guys.

Get the rest here: http://bikozulu.co.ke/knickers/

How to install moodle in Kali (Debian)


INSTALL REQUIRED PACKAGES that is:
Web Server (Apache highly recommended)
Database Server (MySQL or PostgreSQL recommended)
PHP, PHP-MySQL mod (or mod for your database)
Various PHP modules necessary for Moodle
-apt-get install apache2 php5 mysql-server php5-mysql libapache2-mod-php5 php5-gd php5-curl php5-xmlrpc php5-intl php-mbstring curl libcurl3-dev libcurl3
#(important for postgresql database usage)
-apt-get install php5-pgsql
-apt-get install clamav-base clamav-freshclam clamav(The clamav package will support virus checking on file uploads into Moodle. May have to run it again
to configure properly)

then change php settings by opening this file: php.ini
-vi /etc/php5/apache2/php.ini
then add these lines under Dynamic extensions
(here you are configuring php to communicate properly with mysql)
extension=mysql.so
extension=gd.so

(here you are configuring php to communicate properly with postgresql)

then search and adjust these values accordingly
memory_limit=40M(mine was 128M so i didnt change)
post_max_size = 80M
upload_max_filesize = 80M

SETUP DATABASE(Postgresql recommended)
login to automatic postgres user(its the default user for postgresql)
-sudo su postgres
Log into the PostgreSQL command line client
-psql -U postgres
After some preamble you should see the prompt postgres=#.

Create the user for the Moodle database and assign a password:
-CREATE USER moodleuser WITH PASSWORD ‘moodleuser123’;

Create the database:
postgres=# CREATE DATABASE moodle WITH OWNER moodleuser;

**Character set and encoding
CREATE DATABASE moodle WITH OWNER moodleuser ENCODING ‘UTF8′ LC_COLLATE=’en_US.utf8′ LC_CTYPE=’en_US.utf8’ TEMPLATE=template0;

INSTALLING MOODLE
first create a directory where moodle will be installed
-mkdir /var/www/moodle
-Download moodle from the site:
visit https://download.moodle.org/releases/latest/
or
wget https://download.moodle.org/download.php/stable28/moodle-latest-28.tgz
go to the directory containing the download
– tar xzpf moodle-latest-28.tgz -C /var/www/
make moodledata directory
-mkdir /var/www/moodle/moodledata

Set permissions(www-data is apache in debian)
moodle
-chown -R www-data:www-data /var/www/moodle/moodle/
-chmod -R 0755 /var/www/moodle/moodle/

moodledata
-chown -R www-data:www-data /var/www/moodle/moodledata/
-chmod 0755 /var/www/moodle/moodledata/

(Optional step,though this is what i did;saves time typing the whole path to the moodle directory)
Change Apache to use Moodle as website
Note that the server comes with Apache running and looking at the /var/www directory. But there is nothing in that folder, so one just gets a redirect. Edit as follows to have it point at Moodle instead:
-vi /etc/apache2/sites-available/default

On about line 4, change DocumentRoot “/var/www/moodle/moodle” to
DocumentRoot “/var/www/moodle”
On about line 10, change <Directory “/var/www/moodle/moodle”> to
<Directory “/var/www/moodle/”>

Final Install
(if option above was used,first time install = localhost/install.php)

type : localhost/moodle/moodle in browser

How to install Odoo/Openerp in Kali (Debian)


After clean install
– update and upgrade system

Add user ‘openerp’ and such that it belongs to group’openerp’
–sudo adduser –system –home=/opt/openerp –group openerp.
-sudo su – openerp -s /bin/bash

login in back as root create passwd and add user to sudo
create password for user ‘openerp’as root
-passwd openerp

Add openerp to sudo group
usermod -a -G sudo openerp

Install postgresql
-sudo apt-get install postgresql
-sudo apt-get install pgadmin3
then start service:
– sudo service postgresql start
then log in postgre
-sudo su postgres e.g openerp@openerp-desktop:/$ sudo su postgres
then create user openerp
-createuser openerp
(y for super user)
view table created
-psql -l
select template and add rights
-psql template1
-template1=# alter role openerp with password ‘postgres’;
ALTER ROLE
then exit (Ctrl+D)

Installation of Odoo

METHOD1

log on as root
(-adding the download URL (address) to the aptitude repository sources as root)

-echo “deb http://nightly.odoo.com/7.0/nightly/deb/ ./” >> /etc/apt/sources.list
then update system
-apt-get update
(Note: The OpenERP package itself is not signed, and a cryptographic key is not provided. Therefore, aptitude will warn you that it can not be authenticated, requesting you to install it without verification)
then install openerp

logon back as openerp
-sudo mkdir /var/lib/openerp
-apt-get install openerp
confirm dependancies and without verification
then start apache2
-service apache2 start

Add the following line to the openerp-server.conf/odoo-server.conf file:
logfile = /var/log/openerp/openerp-server.log/(logfile = /var/log/odoo/odoo-server.log)
-vi /etc/openerp/openerp-server.conf

then make the log file
-sudo mkdir /var/log/openerp OR (odoo) depending

Add permissions
add permissions to user ‘openerp’ to the openerp-server configuration file
-sudo chown openerp: /etc/openerp/openerp-server.conf
sudo chmod 640 /etc/openerp/openerp-server.conf

add permissions to openerp,assuming the openerp server is running under user’openerp’,to install addons
-chmod 775 /usr/lib/python2.7/dist-packages/openerp/addons/
-chown root.openerp /usr/lib/python2.7/dist-packages/openerp/addons/

-To start the Odoo server type:
sudo /etc/init.d/openerp start
or
sudo service openerp start

METHOD2:
Download the latest file
-wget http://nightly.odoo.com/7.0/nightly/deb/openerp_7.0.latest_all.deb
Install OpenERP server.
-sudo dpkg -i openerp_6.1-1-1_all.deb
-sudo apt-get install openerp -f
reboot and start server

START APPLICATION BY:
Access the Web Client using http://ip:8069
in case of this error:DataError: new encoding (UTF8) is incompatible with the encoding of the template database (SQL_ASCII
do the following:
sudo -u postgres psql postgres
update pg_database set datallowconn = TRUE where datname = ‘template0’;
\c template0
update pg_database set datistemplate = FALSE where datname = ‘template1’;
drop database template1;
create database template1 with template = template0 encoding = ‘UTF8’;
update pg_database set datistemplate = TRUE where datname = ‘template1’;
\c template1
update pg_database set datallowconn = FALSE where datname = ‘template0’;
(press Ctrl-D to quit from psql)
restart odoo and try again.

login
USN:admin
pwd:123