Ramblings on technology with a dash of social commentary
RSS icon Email icon Home icon
  • How to install an SSL certificate on CentOS for Apache

    Posted on March 19th, 2011 phpguru 4 comments

    Getting Apache to serve up pages over a secure connection requires a little bit of configuration.

    If you want to use a self-signed certificate, you may want to look here.

    Step 1. Make sure you have openssl and mod_ssl installed on your CentOS server.

    yum install openssl mod_ssl

    Step 2. Make sure Apache is configured to load the mod_ssl module. In my case, in /etc/httpd/conf/httpd.conf it says:

    Include conf.d/*.conf

    This little line of code is how the file /etc/httpd/conf.d/ssl.conf gets loaded. The SSL configuration file for Apache is where I ended up putting the configurations for my server.

    Step 3. Now we’re ready to generate a CSR – Certificate Signing Request. This is something unique to your specific server that you use to generate a CRT (actual SSL certificate file) from your SSL vendor of choice. Note that this process could require several hours or days, along with email confirmations from your domain’s technical or administrative contact.

    This page on the CentOS wiki gives you a great overview of the process. But after I tried that, GoDaddy complained that it needed a 2048-bit CSR. So this page showed me how to generate the CSR with a 2048-bit key:

    openssl req -nodes -newkey rsa:2048 -keyout your-domain-name.key -out your-domain-name.csr

    Now of course you will be replacing your-domain-name with the exact domain name (or subdomain if applicable). By default, using openssl on the command line generates files in the current working directory, but you can pass in the full pathnames if you want, too.

    cat /path/to/your-domain-name.csr

    Step 4. Copy and paste that mess into your SSL vendor’s ‘Paste CSR’ step of SSL Cert activation. This process varies wildly by SSL vendor, and also the level of security of SSL you purchased. Be warned that SSL Certificate authorization emails may be sent to the administrative and technical contacts on file with the domain registrar, too, so this process can take up to a few days.

    Step 5. Once your SSL certificate is generated, you can download it from your SSL vendor and upload it to your server. If you’re using GoDaddy you’ll need the gd_bundle.crt file too.

    Step 6. Now that you have your key, SSL Cert (.crt file) and the ca bundle (Certificate Authority) you have to edit the http.conf or ssl.conf file for Apache to know where to load the certificate files. This is how my ssl.conf looks

    SSLCertificateFile /etc/pki/tls/certs/your-domain-name.crt
    SSLCertificateKeyFile /etc/pki/tls/private/your-domain-name.key
    SSLCACertificateFile /etc/pki/tls/certs/gd_bundle.crt

    Step 7. Use apachectl to do a syntax check on the config files

    apachectl -t
    syntax OK

    Step 8. Fix any typos you made, and finally start or restart Apache:

    apachectl restart

    At this point you might get excited and try accessing your website at https:// for the first time, but on many configurations, the odds are port 443 is blocked by default. If you get a long connection or timeouts, that’s probably your issue too. So it may be necessary to open port 443 with iptables like this post shows. I found the second one worked

    iptables -I INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 443 -j ACCEPT
    Hopefully this helped you.
  • Recursively Delete Dreamweaver _notes Terminal Mac OS X

    Posted on January 21st, 2011 phpguru 2 comments

    Check this out. Launch terminal and CD to your Sites directory.

    cd ~/Sites
    find website.com/* -name _notes -print0 | xargs -0 rmdir

    Gotta love LinuxForums.org.

  • MySQL won’t start on Snow Leopard

    Posted on December 31st, 2010 phpguru 6 comments

    I recently spent a lot of time scratching my head over this. Partial solution only at this point, any additional ideas would be most welcome.

    I restored a Time Machine backup from an older 32-bit MacBook Pro onto a new 64-bit MacBook Pro. Apache & PHP worked fine, but I had compiled the 32-bit version of 5.1 on the 32-bit box. I had problems with MySQL starting after the restore, which led me to rm -rf everything related to MySQL including the /Library/StartupItems/LaunchDaemon, reboot, and install the 5.1.54 from the 64-bit dmg download installer.

    After this, I figured I’d be fine, The MySQL preference pane in System Prefs shows “stopped”. Clicking start has no effect.

    ps aux | grep mysql

    shows only my grep command.

    I had to do a few things to get MySQL partially working.

    1) I had to

    chown -R mysql:wheel mysql-install-dir/bin
    chown -R mysql:wheel mysql-install-dir/data

    2) I discovered I can only start MySQL if, from terminal, I do:

    sudo /usr/local/mysql/bin/mysqld_safe --user=root

    I can’t connect to mysql from the command line with the dreaded

    ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)

    I do another

    ps aux | grep mysql

    and see it’s starting with


    So I make a symlink

    ln -s /var/mysql/mysql.sock /tmp/mysql.sock

    and try again

    mysql -u root -p

    Yes! Now I can use MySQL from the command line. After Googling for hours, I’ve seen others with similar install/starting problems on the latest Snow Leopard. I think it all has to do with file permissions on the /bin and /data directories.

  • New Kohana 3 Resources

    Posted on November 29th, 2010 phpguru No comments

    Kohana 3 is getting new fixes and upgrades every day. Here’s the latest batch of helpful new Kohana 3 resources on various topics.

    From Mixu.net…

    Kohana 3 Form Validation – validating form input (here’s another post on user input in Kohana 3)

    Kohana 3 i18n – localization/internationalization

    From Kerkness.ca…

    Kohana 3 ORM – Object Relational Mapping

    From DealTaker.com – now a 9 part Kohana 3 tutorial series

    Kohana 3 Routing – Choosing the right action based on the request

    From o1iver.net…

    Kohana 3 Introduction – 3 part series

    From elsewhere…

    Kohana 3 resized image urls

    Migrating to Kohana 3 from Dupal in 2 weeks

    Custom 404 page in Kohana 3

    Awesome explanation with diagram of (H)MVC

    Seems more are coming out every day. Kohana 3 rocks.

  • JQuery Timer Opens ColorBox…Then Flash Displays on Top in IE

    Posted on November 22nd, 2010 phpguru No comments

    I’m in the process of adding a new feature to the home page of a client’s website. The desired functionality is best described as follows:

    When visiting the home page, after a few moments, I want an overlay to appear, and inside the overlay will be a promotion to sign up for the website’s email newsletter.

    A friend of mine (o3c) recently turned me onto ColorBox, from Colorpowered.com. Excellent stuff! I’m almost done implementing it, and ran into a few integration issues that I thought I’d share. For the record, I want to state that none of the issues I ran into are problems with ColorBox! The ColorBox code is rock-solid. No, as usual, the problems are with Flash content on the page, and particularly within Microsoft Internet Explorer. As usual, everything works fine in Firefox, Safari & Chrome.

    So we have a couple of questions to answer. One is: How do you open ColorBox with a Timer? And the second is: How do you open a ColorBox over Flash in IE?

    Timers are still done with “old school javascript.” The syntax is a little goofy, but it’s not specifically JQuery related. We’ll come back to that.

    You have Flash on a page, and when your ColorBox appears on the page in IE, the Flash content underneath the overlay draws over top of the ColorBox overlay content, right? Contrary to how the rest of the world behaves (correctly), Adobe Flash (by default) draws last, which causes it to look like it’s on top of everything else. There are usually some easy fixes for that (most often, #3, below).

    Still reading? Ok, let’s get down to it. Here’s some general troubleshooting tips before we begin.

    1. Make sure your page Validates. Use the validator.w3.org
    2. Depending on your usage, you may have to make IE8 behave like IE7… a.k.a. force IE7 compatibility mode
    3. Tell the Flash content to have the “wmode” parameter, and set the value to “transparent

    Now, you may have already tried all of these things. I did, and the Flash content was still showing on top of my ColorBox content.

    So what’s a web developer to do. JQuery to the rescue. What we can do is hide the Flash content before the ColorBox appears, and turn it back on when the ColorBox goes away. It’s not a perfect solution, but it will hopefully work on all browsers so we can go about our day.

    In looking at the ColorBox API/Documentation, they’ve provided two events that look to be very helpful to this type of situation. Scroll down to the bit about “Extending,” almost to the very bottom where it says “Event Hooks” and look for the following:

    ‘cbox_open’ triggers when ColorBox is first opened, but after a few key variable assignments take place.
    ‘cbox_closed’ triggers as the close method ends.

    The container on my page that contains the Flash content has an id=’img_accordian’. My first thought was to do something like:

    $('#img_accordian').bind('cbox_open', function(){
    }).bind('cbox_closed', function(){

    but the above did not work! When I reloaded the page, it had no effect. No errors, but nothing happening. A quick Google search revealed this tidbit on the ColorBox Discussion Group on Google. So I just tried the more obvious…

    $().bind('cbox_open', function(){
    }).bind('cbox_closed', function(){

    Boo-yah! Now I can move onto something much more fun. So much of my time wasted due to inadequacies of Internet Explorer. Sigh… such is life.

    Whoops — not so fast — now that we have our signup form opening into a ColorBox iFrame, it shows every time we visit the home page. We want it only to show this pop-up-style signup form once during the user’s session. A cookie is the perfect place to store a simple “yes,” value, indicating that the user has seen the popup already.

    Another Google search on JQuery Cookie found the JQuery Cookie plugin. To make use of this, we need to open the signup form ColorBox only if the user has not seen it already. Then if we open it, we can set the cookie that says they saw it, thus preventing it from showing again (until we clear cookies or the cookie expires.)

    The two last features you’ll see in the code below are the finished timer, which I have set to open in 7.5 seconds. In testing, I may change it to 7, 6 or even 5 seconds. Also, I wanted a second “signup for e-news” link on the page in the footer that triggered the ColorBox overlay. So you’ll see in my code I created a custom object, “cbprops” to store the custom ColorBox configuration values, and then attached it to fire on the #signup_link.

    Here’s the final completed code.

        var cbprops = {opacity: 0.5, href:"/signup", width:"660px", height:"680px", iframe:true};
            var timer = setTimeout(function(){
            $.fn.colorbox(cbprops); }, 7500);
    }).bind('cbox_open', function(){
    }).bind('cbox_closed', function(){

    There you have it, folks. We’re using a Javascript timer to open a ColorBox that hides Flash content in the background and setting a cookie so it only happens once. I hope you enjoyed reading — happy programming! Feel free to steal this code. If stealing doesn’t sit right with you, feel free to donate to JQuery or buy a 2011 Funny Pug Calendar!

  • Twitter API Snowflake and MySQL

    Posted on November 13th, 2010 phpguru 2 comments

    I’ve been looking at APIs lately, and in particular, the Twitter API.

    I managed to stumble into an advanced discussion on the Twitter developer forums about Twitter’s “Snowflake” update. One of the primary changes of the Snowflake update is the use of 64-bit integers for their ID.

    As a PHP & MySQL developer interested in learning more about the Twitter API, I want my database schema to be optimized properly.

    On this page of the MySQL website, it says, in part:

    Some things you should be aware of with respect to BIGINT columns:

    • All arithmetic is done using signed BIGINT or DOUBLE values, so you should not use unsigned big integers larger than 9223372036854775807 (63 bits) except with bit functions! If you do that, some of the last digits in the result may be wrong because of rounding errors when converting a BIGINT value to a DOUBLE.

    Does that mean I cannot use a BIGINT to store a Tweet’s primary key?

    Surely VARCHAR(64) will be much slower…

  • LVS-TUN How To on RackSpace Cloud

    Posted on October 6th, 2010 phpguru No comments

    I have to hand it to the sales/techs over at RackSpaceCoud.com.

    After just a few minutes with their Online Chat Sales, I was intrigued enough to create an account. Heck, it was free, and would give me a chance to experiment with server configuration via one of the hot topics today – virtualization.

    One of the first things I mentioned to Zack (I think that was his name) was that I was interested in making a more fault-tolerant web server setup. My client at the time had a dedicated server, but was planning on a few different television appearances, and didn’t want his site to go down with the surge of traffic.

    Load Balancer How-To using Apache Mod_Proxy (Easy)

    The RackSpaceCloud tech linked me to this article by Brandon Woodward on how to set up a simple load balancer using Apache. I followed that article to the letter, using one CentOS VM for the load balancer, and two CentOS VMs for web heads.

    Well, I have to admit, it was not as difficult as I thought it would be. Now granted, it’s not super robust, but for a simple round-robin load balanced setup, it only took an hour or two to setup and configure, and it is still in place on the client’s domain. Not bad, considering it’s the equivalent of 3 servers for less than $50/mo.

    Load Balancer How-To using LVS-TUN (Intermediate-Advanced)

    Having found the RackSpaceCloud article on setting up a load balancer with Apache just a few months prior, I was interested in learning more when I saw this new article by the same author on installing and configuring LVS-TUN.

    I was intrigued, because even though I believe having a mod_proxy-based load balancer solution on 3 servers in the cloud is preferrable in many ways to a single server with no load balancer at all, I could still see some areas for improvement and wondered what else was out there.

    Woodward explains it like this:

    LVS-TUN is a tunneling load balancer solution that will take all incoming requests through the load balancer and forward the packet to the web nodes. The web nodes will then respond directly to the client without having to proxy through the Load Balancer. This type of solution can allow for geo-load balancing, but will more importantly allow a customer use the bandwidth pool available from all web nodes, instead of relying on the limited through put of the load balancer.

    In other words, whereas the mod_proxy-based load balancer is quick and easy to set up and manage, the load balancer itself is a single point of failure, since it is acting as a proxy for the two web heads behind it. LVS-TUN on the other hand, enables the load balancer itself to be distributed, and also takes advantage of the web heads serving content directly back to the client.

    Whether you’re looking at a load balanced setup for scalability or just your own hardware architecture experimentation, without a doubt, the cloud is the best playground.

  • How To Do A Domain Name Registrar Transfer

    Posted on July 26th, 2010 phpguru No comments

    Transferring your domain name from one registrar to another can be a giant pain in the rump. The process is a bit error prone and rather confusing, mainly because every domain name registrar has a different process and different interface. Plus, it is in each registrars interest to the make the Transfer Out process as cryptic and illogical as possible, since if it fails at any step along the way, they’ll retain ownership of the registry and possibly get another annual rebill out of you.

    In this tutorial we will be moving domains…

    From: Dotster.com (the Old Registrar, Current Registrar, or Outbound Registrar)
    To: GoDaddy.com (the New Registrar, or Inbound Registrar)

    Don’t get me wrong – both GoDaddy and Dotster are terrific Registrars. There’s no hard feelings here, I’m just consolidating accounts to GoDaddy to save a little money and take advantage of their TotalDNS service, which usually costs extra at other registrars.

    Note that if you are transferring from or to different domain name registrars, your process will be similar overall, but the sample screenshots and link names will obviously be different for you.


    The registrar transfer process hinges on a basic email verification process. In a nutshell, the new registrar sends Email #1 (containing a Transaction ID and a Security Code) to the administrative contact on file at the current registrar. You login to the current registrar and generate an Authorization Code, which is sent via Email #2 to the administrative contact on file. Assuming your email is on file as the administrative contact, you’ll receive these two emails within a few minutes. You then login to your account at the new registrar, and initiate the transfer process by entering the transfer Transaction ID & Security Code, and finally, the authorization Code from the current registrar. Once all 3 codes have been entered, your domain should be migrated to the new registrar within 72 hours.

    The Process

    Before you begin, login to your current registrar and update your domain name contacts. The critical contact record you will want to update is the administrative contact. Domain Registrar Transfers are accomplished by emailing the administrative contact email address. If you cannot access the email account listed and need to make updates, do this step 24 hours prior to initiating the registrar transfer.

    1. At GoDaddy, purchase your domain name as a transfer registration. GoDaddy also has a nice interface to do bulk transfers, but – trust me on this – do domain transfers one at a time or it gets extremely confusing.
      Transfer Domain
    2. At GoDaddy, login to your account, and go to My Account -> Domains -> Pending Transfers
      Pending Transfers
    3. At GoDaddy, on the Pending Transfers page in the domain management area, click on the domain you want to work with. If you’re transferring multiple domains at once, you can see the status of each domain’s transfer process here.
      Domain Transfers
    4. At GoDaddy, click the Reinitiate button. This poorly-labeled button is the one that actually sends the Transaction ID and Security Code email to the Administrative Contact on file at the current registrar.
      Reinitialize Domain Transfer
    5. Now create a new browser tab and login to your domain management account at your current registrar. In my case this is Dotster.
    6. At Dotster, unlock your domain for transfers at the current registrar. This is done on the main account list screen by checking the domain, picking ‘Unlock these domains – to allow transfers’ from the dropdown, and clicking the Manage Domains button.
      Unlock Domain at Dotster
    7. Once Dotster says OK – Unlocked, go back to the domain management page and scroll to the bottom. Click the link that says ‘Request Authorization Code’
      Request Transfer Authorization Code
    8. Next, check your email. If you’re not the administrative contact on the domain you’re trying to transfer, have the person who is forward you any emails they receive from GoDaddy or Dotster.
      Check your email
    9. You will receive Email #1 from GoDaddy. It is from transfers@godaddy.com and lists the Domain Name, the Transaction ID and a Security Code.
      GoDaddy Registrar Transfer Email Sample
    10. You will receive Email #2 from Dotster. It is from auto@dotster.com. It contains your Domain Transfer Authorization Code.
      Domain Transfer Authorization Email
    11. Go Back to your GoDaddy account and prepare to initiate the transfer. You’ll need the Transaction ID, Security Code (from GoDaddy) and Authorization Code (from Dotster) handy.
    12. At GoDaddy, check the checkbox next to the domain listed under Pending Transfers, and click the black Authorize button, and pick ‘Begin Transfer Authorization’ from the dropdown underneath it.
      Initiate Transfer Authorization
    13. Enter the Transaction ID and Security Code (from Email #1) and click Next.
      Entering Transaction ID and Security Code
    14. On the confirmation page with your domain name shown, pick the Authorize button and click Next.
      Authorize Domain Transfer to GoDaddy
    15. On the Authorization page, paste the Authorization Code (from Email #2) and click Finish. Click OK to the final confirmation.
      Entering Transfer Authorization Code
    16. Now, just wait 72 hours and you should be good to go with your domains at GoDaddy. Note, you’ll receive at least one additional email (a transfer notification courtesy) from GoDaddy, during this process. You can ignore this email as it has no information pertinent to the actual process.
    17. After a few days, log in to your GoDaddy account and re-visit the Pending Domain Transfers page. Once all the approval codes have been entered & registered (steps 1 – 15 above) you’ll need to finalize the transfer in the GoDaddy interface.
  • Read Free Book Online: Thinking In Java

    Posted on July 21st, 2010 phpguru No comments
    Read the online e-book, Thinking In Java - free!

    Read the online e-book, Thinking In Java - free!

  • What is ORM and why should you use it?

    Posted on May 11th, 2010 phpguru 2 comments

    I’ve been asking myself this question a bit more lately so I wanted to find some answers. Nowadays, ORM typically stands for Object Relational Mapping, and less commonly, Object Role Modeling, although the two concepts are related. Mainly I am curious about some of the new ORM implementations for Kohana 3, namely Sprig (based on Django) and Jelly.

    The first page on this topic can be found over at Stack Overflow.

    On the StackOverflow page is a link to this post by Glenn Block on the MSDN blog. I found it a bit surprising that this particular post hadn’t been voted on by any other Stack Overflow members as I found it an insightful and succinct explanation of why you might want to consider using ORM.

    I noticed another topic that comes up in relation to ORM is DM, the Domain Model pattern, and DDD, Domain Driven Design. I thought this post entitled DDD – why bother? was an interesting take with a terrific example illustrating the benefits of an ORM system.

    This post was inspired by Koes.