I recently had some trouble with verifying an SSL in PHP on a client's server that I couldn't reproduce anywhere else. It eventually turned out that the client's IT department was presenting a different SSL certificate to the one served by the website. To help me diagnose this, I used this command line script to display the SSL certificate: getcert.sh
echo | openssl s_client -showcerts -servername !$ -connect $1:443 2>/dev/null \
| openssl x509 -inform pem -noout -text
Running it against mozilla.org, the start looks like this:
$ getcert mozilla.org
Version: 3 (0x2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV CA-1
Not Before: Nov 24 00:00:00 2015 GMT
Not After : Dec 29 12:00:00 2016 GMT
Subject: businessCategory=Private Organization/18.104.22.168.4.1.322.214.171.124.3=US/126.96.36.199.4.1.3188.8.131.52.2=California/serialNumber=C2543436/street=650 Castro St Ste 300/postalCode=94041, C=US, ST=California, L=Mountain View, O=Mozilla Foundation, CN=www.mozilla.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
In my case, I… continue reading.
I recently discovered the -i switch to curl! I have no idea why I didn't know about this before… Curl is one of those tools that every developer should know. It's universal and tends to be available everywhere. When developing APIs, I prefer to use curl to view the output of a request like this:
$ curl -v -H "Accept: application/json" https://api.joind.in/
* Trying 184.108.40.206...
* Connected to api.joind.in (220.127.116.11) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: api.joind.in
* Server certificate: Gandi Standard SSL CA 2
* Server certificate: USERTrust RSA Certification Authority
* Server certificate: AddTrust External CA Root
> GET / HTTP/1.1
> Host: api.joind.in
> User-Agent: curl/7.43.0
> Accept: application/json
< HTTP/1.1 200 OK
< Date: Sun, 15 May 2016 11:05:27 GMT
< Server: Apache
< X-Powered-By: PHP/5.6.4
< Access-Control-Allow-Origin: *
< Content-Length: 363
< Content-Type: application/json; charset=utf8
* Connection #0 to host api.joind.in left intact
-v is for verbose and so you get told all the information you could possibly want. However, usually, I… continue reading.
The Swift application that I'm currently developing gets data from Twitter and I was struggling to get a valid auth token. To solve this, I wanted to see exactly what I was sending to Twitter and so opened up Charles on my Mac to have a look. As my application is running within a Vagrant box running Ubuntu Linux, I needed to tell it to proxy all requests through Charles. To do this, you set… continue reading.
I'm sure everyone already knows this, but it turns out that you can customise Bootstrap 3 without having to understand Less. Part of the reason that I didn't realise this is that I run my web browser windows quite small and regularly don't see the main menu of getbootstrap.com as it's hidden being the "three dashes" button. However, there's an option called Customize on it. This page gives you a massive form where you can… continue reading.
A few days ago, techPortal published my tutorial Create a RESTful API with Apigility. Apigility was announced at ZendCon US in October 2013 and I think that it looks like a useful tool for creating APIs. I particularly like that versioning is built in from the start and that it handles content negotiation. If you want to learn about Apigility, then have a read. The source code is available on GitHub.
I have a number of command line scripts that copy MySQL databases down from staging servers and store them locally. These scripts set the password on the command line using the -p option. With MySQL 5.6, a new warning is displayed every time my scripts run:
Warning: Using a password on the command line interface can be insecure.
This is annoying! The way to solve this is to use the new command line tool mysql_config_editor to set up a "login path" which the mysql command line… continue reading.
This is one of those posts to remind me how I solved a problem last time! I've recently been using Capistrano for deployment and other remote tasks and it's proving quite useful. One problem I ran into was that the umask was being set to 022 when using Capistrano and 002 when I was ssh'd into the server itself. After a bit of research, I discovered that the secret is to put the umask statement… continue reading.
I currently use a very simple set of core objects within my model layer: entities, mappers and service objects. Entities are objects that represent something in my business logic. For example, in my traditional Album's tutorial, the entity would be the object that holds one album. It has properties such as title, artist and date created and methods that are specific to this entity. Mappers know how to save and load an entity from the… continue reading.
I'm sure everyone else already knows about watch, but it's new to me. This little utility executes a program repeatedly at a set interval and displays its output. I've been using it with mysqladmin's processlist command like this: watch -n 1 /usr/bin/mysqladmin -uroot -pMYPASSWORD processlist Note that this does put your password on display at the top of the command window whilst watch is running. If you don't want that, you could write a little… continue reading.