Search Results

Search found 24106 results on 965 pages for 'usb key'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 395/965 | < Previous Page | 391 392 393 394 395 396 397 398 399 400 401 402  | Next Page >

  • Cannot enter BIOS due to broken screen

    - by gamer
    Lately my laptop(hp g42 247sb) screen is damaged, so I hook it up with a external monitor(LG something) and it works fine now. But the only annoying thing is I cannot navigate the BIOS menu for some tweaking because the BIOS not shown on the external monitor,instead, it only shown on the broken laptop screen, and it only output to my external monitor when windwos/os is loged-on. So, is there anyway I can force output during BIOS/BOOT/POST to my external monitor? Things I have done and didn't work: (1)Set my LG monitor as primary display on both window properties and Intel Graphics panel (2)Enter the bios (F10 key) and press the fn+F4 key(change display output). (3)Disable and uninstall my internal screen(broken laptop screen) using device manager and restart, but windows(bios?) install it back on log-on. Please help me!

    Read the article

  • Dovecot and StartSSL problems with issuer

    - by knoim
    I am using dovecot (1) and trying to get my StartSSL certificate running. ssl_key_file points to my private key I tried pointing ssl_cert_file to my public key, with and without using the class1 certificate from http://www.startssl.com/certs/sub.class1.server.ca.pem as ssl_ca_file aswell as combing them with cat publickey sub.class1.server.ca.pem chained My mail client keeps telling me the certificate has no issuer, but doing openssl x509 on my public certificate tells me it is C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 1 Primary Intermediate Server CA My option for the CSR were: openssl req -new -newkey rsa:4096 -nodes Dovecot's log doesn't mention any problems. EDIT: Doesn't seem to be a problem with dovecot. I am having the same problem with postfix. openssl verify gives me the same error.

    Read the article

  • launchctl - use rvm instead of system Ruby in executed scripts?

    - by Stefan Kendall
    I have a launchctl job I define as such: <key>ProgramArguments</key> <array> <string>/bin/sh</string> <string>-c</string> <string>~/projects/script.sh</string> </array> When I run script.sh manually, the script works fine, as it uses the currently configured rvm version of ruby. When I run this through launchctl, the system version of Ruby is used, which breaks the script. How can I get this script to run with the right version of ruby available?

    Read the article

  • Per-vertex animation with VBOs: Stream each frame or use index offset per frame?

    - by charstar
    Scenario Meshes are animated using either skeletons (skinned animation) or some form of morph targets (i.e. per-vertex key frames). However, in either case, the animations are known in full at load-time, that is, there is no physics, IK solving, or any other form of in-game pose solving. The number of character actions (animations) will be limited but rich (hand-animated). There may be multiple characters using a each mesh and its animations simultaneously in-game (they will be at different poses/keyframes at the same time). Assume color and texture coordinate buffers are static. Goal To leverage the richness of well vetted animation tools such as Blender to do the heavy lifting for a small but rich set of animations. I am aware of additive pose blending like that from Naughty Dog and similar techniques but I would prefer to expend a little RAM/VRAM to avoid implementing a thesis-ready pose solver. I would also like to avoid implementing a key-frame + interpolation curve solver (reinventing Blender vertex groups and IPOs). Current Considerations Much like a non-shader-powered pose solver, create a VBO for each character and copy vertex and normal data to each VBO on each frame (VBO in STREAMING). Create one VBO for each animation where each frame (interleaved vertex and normal data) is concatenated onto the VBO. Then each character simply has a buffer pointer offset based on its current animation frame (e.g. pointer offset = (numVertices+numNormals)*frameNumber). (VBO in STATIC) Known Trade-Offs In 1 above: Each VBO would be small but there would be many VBOs and therefore lots of buffer binding and vertex copying each frame. Both client and pipeline intensive. In 2 above: There would be few VBOs therefore insignificant buffer binding and no vertex data getting jammed down the pipe each frame, but each VBO would be quite large. Are there any pitfalls to number 2 (aside from finite memory)? Are there other methods that I am missing?

    Read the article

  • Friday Tips #6, Part 2

    - by Chris Kawalek
    Here is a question about updating Oracle VM: Question: How can I perform Oracle VM 3 server updates from Oracle VM Manager? Answer by Gregory King, Principal Best Practices Consultant, Oracle VM Product Management: Server Update Manager is a built-in feature of the Oracle VM Manager. Basically, Server Update Manager automatically configures YUM updates on all the Oracle VM Servers, pointing each to our Unbreakable Linux Network (ULN) update channel for Oracle VM. The servers periodically check with our Oracle YUM repository and notify the Oracle VM Manager that an update is available for each server. Actual server updates must be triggered by the Oracle VM administrator – they are not executed automatically. At this point, you can use the Oracle VM Manager to put a server into maintenance mode which live migrates all the running Oracle VM Guests to other Oracle VM Servers in the server pool. Once all the Oracle VM Guests have been migrated, the Oracle VM administrator can trigger the update on the server. The entire process is documented in the Installation and Upgrade Guide of Oracle VM Documentation so I won’t spend time detailing the steps. However, configuring the Server Update Manager is exceedingly simple. Simply navigate to the Tools and Resources tab in the Oracle VM Manager, select the link for Server Update Manager and ensure the following values are added to the text boxes as shown in the illustration below: YUM Base URL: http://public-yum.oracle.com/repo/OracleVM/OVM3/latest/x86_64 YUM GPG Key: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle Every server in the pool will be automatically configured for YUM updates once you choose the Apply button. Many thanks to Greg and Rick for providing the answers to this week's questions. If you want to ask us something, hit up Twitter and use hashtag #AskOracleVirtualization. See you next week! -Chris 

    Read the article

  • How do you make Windows 7 fully case-sensitive with respect to the filesystem?

    - by trusktr
    I want to make Windows 7 case-sensitive when it reads/writes anything on the hard drive (the C drive, or any other NTFS drive). I found a video via google that says to change the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath to a value of 1 (source). I also found a Windows support item that says something about modifying the registry key HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\obcaseinsensitive that leads me to assume putting a value of 0 will make Windows case-sensitive with NTFS filesystems (source). I have a feeling the second solution is the answer, but I'm not sure and I don't want to try it without being sure. Does anyone know for sure what is the correct way to make Windows 7 case-sensitive when it reads/writes to the C drive (and any other NTFS drive)?

    Read the article

  • DoubleCommand Non-Functional on 10.6.3.

    - by Tim Visher
    I have a 1st or 2nd generation MacBook running 10.6.3. I want to remap my enter key to Ctrl and my right option key to enter (Emacs… yeah) and DoubleCommand seems to be precisely what the doctor ordered. Unfortunately, after having installed the latest version, it seems to be doing absolutely nothing. The correct settings are saved and active, but none of the remapping is taking effect. Are there any known issues with other OS X plug-ins (I run pretty heavily modified) or extensions that I should be aware of? What could the issue be? I initially tried to set only the User settings and then logged out and logged back in but nothing happened. I then tried saving them to System as well and logged out and in and nothing. Then I restarted the machine… twice… and nothing happened. Thanks in advance!

    Read the article

  • Synergy: avoid single machine loop when client is not connected

    - by petobens
    In order to loop between my screens I have the following section in my synergy.sgc file: section: links Pedro-Acer: right = pedro-lubuntu left = pedro-lubuntu pedro-lubuntu: left = Pedro-Acer right = Pedro-Acer end With those settings When the client disconnects the server screen wraps around itself as seen in the image below. I don't want this behavior. The only reason I set the config file to loop between my screens is because I want to have a single key to switch between them: keystroke(alt+`) = switchInDirection(right) If there is way to have a single key for switching in both directions without having looping screens then that would also solve my problem.

    Read the article

  • sshd: How to enable PAM authentication for specific users under

    - by Brad
    I am using sshd, and allow logins with public key authentication. I want to allow select users to log in with a PAM two-factor authentication module. Is there any way I can allow PAM two-factor authentication for a specifc user? I don't want users - By the same token - I only want to enable password authentication for specific accounts. I want my SSH daemon to reject the password authentication attempts to thwart would-be hackers into thinking that I will not accept password authentication - except for the case in which someone knows my heavily guarded secret account, which is password enabled. I want to do this for cases in which my SSH clients will not let me do either secret key, or two-factor authentication.

    Read the article

  • Reimage several of the same model PC by copying the hard disk

    - by Tim Lehner
    I have several of the same machine (Dell Precision T3500) that originally came with Windows 7 Pro (there is a Windows 7 Pro OA product key sticker on top of each one). These were initially downgraded to XP by a former IT colleague, but are now back in the pool of unused machines. I am looking to format and install Windows 7 Pro on one of them using the latest official Win7 installer ISO with SP1 and then clone the hard drive to the other machines. The questions then, are: Does this even make sense, or is there a better way to do this considering I'm only doing it to 6 machines? Does this jive with MS licensing (we are the original purchaser of the machines, and thus, presumably, the license holder...but I'm no expert)? Is it possible to apply the individual 25-char product keys to the cloned machines after cloning? How far can I go in the config process (installing corporate standard apps and such) before I have to clone to the other machines considering the licensing/key questions?

    Read the article

  • Elastic beanstalk access private git repo

    - by user221676
    I am trying to currently add an ssh key to my elastic beanstalk instances using .ebextensions commands. The keys I have stored are in my application code and I try to copy them to the root .ssh folder so I can access them when doing a git+ssh clone later here is an example of the config file in my .ebextensions folder packages: yum: git: [] container_commands: 01-move-ssh-keys: command: "cp .ssh/* ~root/.ssh/; chmod 400 ~root/.ssh/tca_read_rsa; chmod 400 ~root/.ssh/tca_read_rsa.pub; chmod 644 ~root/.ssh/known_hosts;" 02-add-ssh-keys: command: "ssh-add ~root/.ssh/tca_read_rsa" the problem is that I get is an error when attempting to clone the repo Host key verification failed. I have tried many ways of try to add the host to the known_hosts file but none have worked! The command that is doing the clone is npm install as the repo points to a node module

    Read the article

  • #altnetseattle - Kanban

    - by GeekAgilistMercenary
    The two main concepts of Kanban is to keep the queues minimum and to maintain visibility. Management/leadership needs to make sure the Kanban Queue doesn’t get starved.  This is key and also very challenging, being the queue needs to be minimal but also can’t get too small during the course of work.  This is to maintain maximum velocity. Phases of the Kanban need to be kept flowing too, bottlenecks need removed ASAP when brought up. Victory Wall – I dig that idea.  Somewhere to look to see the success of the team. The POs work in Rally or other tools for some client management, but it causes issues with the lack of "visibility" – a key fundamental ideal & part of Kanban. One of the big issues is fitting things into a sprint, when Kanban is used with Scrum, but longer sprints are wasteful. Kanban work sizes are of a set size. At this point I got a bit side tracked by the actual conversation and missed out on note taking.  Overall, people doing Kanban and Lean Style Software Development I would say are some of the happiest coders around.  The clean focus, good velocity, sizing, and other approaches that are inferred by Kanban help developers be the rock stars and succeed. This is definitely a topic I will be commenting on a lot more in the near future.

    Read the article

  • How to fix: Ubuntu 12.04 reboots after loading with elilo

    - by Casey
    I have an HP p6-2120 with CPU: AMD A6-3620 APU with Radeon Graphics RAM: 6GB BIOS: HO2_710.ROM v7.10 [AMI v7.10 4/19/2012] Disk: SATA1 (/dev/sda) - 1 TB (windows) Disk: SATA2 (/dev/sdb) - 1 TB partitioned using "parted -a optimal /dev/sdb" as follows: .. 1049KB 201MB FAT32 boot flag set .. 201MB 60GB ext2 (/) .. 68GB 78GB linux-swap(v1) (swap) .. 78GB 790GB ext4 (/home) .. - rest is "free" space reserved for other purposes (eventually) ubuntu: 12.04.1 LTS [specifically: Release 12.04 (precise) 64-bit] kernel: linux 3.2.0-29-generic I created a bootable EFI USB from the ISO (64-bit) which I downloaded. I can run and install from the USB without any problems. The BIOS is an EFI bios that appears to be capable of booting in either EFI or Legacy mode. Initially, I did the "standard" install with NOTHING on disk2, and let the installer configure everything. The net result of this was that when I started the computer and forced it into "boot" menu mode, it DOES NOT recognize SATA2 as an EFI drive, and when I attempt to "legacy" boot from it, I get the message "ERROR: No Boot Disk has been detected." The "standard" install created one large partition that consumed the entire disk. At that point, I manually partitioned the disk (using sudo parted -a optimal /dev/sdb) as described above. I selected the "other" install, and changed the /dev/sdb1 to "bios_grub", /dev/sdb2 as "/" (ext4), /dev/sdb3 as swap, and /dev/sdb4 as "/home". [Note: fearing that possibly elilo did not recognize ext4, I switched /dev/sdb2 to ext2 and re-insalled] The net result was that the install appeared to trash the /dev/sdb1 partition so that it was NOT readable by anything. I re-formated /dev/sdb1 as FAT32 and set the boot flag. I repeated the install ignoring the messages about no bios_grub partition. After several attempts to get GRUB2 to work, I switched to elilo. I downloaded the most recent version and copied it (elilo-3.14-ia64.efi) to /dev/sdb1/efi/boot/bootx64.efi. (The BIOS boot loader did not recognize it either as elilo-3.14.ia64.efi or as elilo.efi. Based on the advice in one of the web-pages I found, I renamed it to bootx64.efi. This worked.) In that same directory (/efi/boot), I copied the file pointed to the link in /dev/sdb2/vmlinuz to /efi/boot/vmlinuz, and the file pointed to the link in /dev/sdb2/initrd.img to /efi/boot/initrd.img. I created an elilo.conf file as follows: timeout=5000 prompt default=linux-boot image=vmlinuz label=linux-boot read-only initrd=initrd.img root=/dev/sdb2 The /efi/boot directory contains 4 files: bootx64.efi elilo.conf vmlinuz initrd.img When I power-cycle the computer and force the boot menu, drive2 shows up as an EFI bootable drive. When I select it, I get the elilo prompt. Pressing , it appears to load the kernal (I have tried it with verbose=5, and there is a long string of messages with the final one a command line to load the kernel and a series of several dots that fly by) then the screen goes blank, and it reboots the computer. [Note: I have also tried substituting the UUID as found in the /etc/fstab of the installed system for the root directory. This had no effect.] This is a brief synopsis of several nights of fiddling with this. I would deeply appreciate any help you can give.

    Read the article

  • Character Jump Control

    - by Abdullah Sorathia
    I would like to know how can I control the jump movement of a character in Unity3D. Basically I am trying to program the jump in such a way that while a jump is in progress the character is allowed to move either left or right in mid-air when the corresponding keys are pressed. With my script the character will correctly move to the left when, for example, the left key is pressed, but when the right key is pressed afterwards, the character moves to the right before the movement to the left is completed. Following is the script: void Update () { if(touchingPlatform && Input.GetButtonDown("Jump")){ rigidbody.AddForce(jumpVelocity, ForceMode.VelocityChange); touchingPlatform = false; isJump=true; } //left & right movement Vector3 moveDir = Vector3.zero; if(Input.GetKey ("right")||Input.GetKey ("left")){ moveDir.x = Input.GetAxis("Horizontal"); // get result of AD keys in X if(ShipCurrentSpeed==0) { transform.position += moveDir * 3f * Time.deltaTime; }else if(ShipCurrentSpeed<=15) { transform.position += moveDir * ShipCurrentSpeed * 2f * Time.deltaTime; }else { transform.position += moveDir * 30f * Time.deltaTime; } }

    Read the article

  • what does it mean for MalwareBytes to find malicious registry keys but nothing else?

    - by EndangeringSpecies
    I have a machine that is obviously infected, and when I ran MalwareBytes it told me that it found some "malicious" registry keys (surprisingly enough these contained file path to currently non-existent javascript files). But, that's it. Full scan did not uncover any malicious files, or malicious hidden processes in memory. Like, maybe the (hidden?) process that for whatever reason periodically injects keystrokes (hotkeys?) into whatever currently open window. Then on another, not obviously infected, machine it found a "malware.trace" registry key but again no files or processes etc. How does this jive with people's experience with MalwareBytes? Does it usually find registry key symptoms of an infection but nothing else? Or is it a common thing to have no infection but some malicious registry keys in place anyway?

    Read the article

  • How can I get ssh-agent working over ssh and in tmux (on OS X)?

    - by Rich
    I have a private key set up for my github account, the passphrase to which is, I believe, stored in OS X's keychain. I certainly don't have to type it in when I open a terminal window and enter ssh [email protected]. However, when I'm running bash over an ssh session, or locally inside a tmux session, I have to type in the passphrase every single time I attempt to ssh to github. This question suggests that a similar problem exists with screen, but I don't really understand the issue well enough to fix it in tmux. There's also this page which includes a fairly complicated solution, but for zsh. EDIT: In response to @Mikel's answer, from a local terminal I get the following output: [~] $ echo $SSH_AUTH_SOCK /tmp/launch-S4HBD6/Listeners [~] $ ssh-add -l 2048 [my key fingerprint] /Users/richie/.ssh/id_rsa (RSA) [~] $ typeset -p SSH_AUTH_SOCK declare -x SSH_AUTH_SOCK="/tmp/launch-S4HBD6/Listeners" Whereas over ssh or in tmux I get: [~] $ echo $SSH_AUTH_SOCK [~] $ ssh-add -l Could not open a connection to your authentication agent. [~] $ typeset -p SSH_AUTH_SOCK bash: typeset: SSH_AUTH_SOCK: not found echo $SSH_AGENT_PID returns nothing whatever shell I run it from.

    Read the article

  • foreign-architecture

    - by speedy-MACHO
    Always when I install something, I get the following error multiple times: Unknown configuration key 'foreign-architecture' found in your 'dpkg' configuration files. This warning will become a hard error at a later date, so please remove the offending configuration options and replace them with 'dpkg --add-architecture' invocations at the command line. When I try dpkg --add-architecture I get: Unknown configuration key `foreign-architecture' found in your `dpkg' configuration files. This warning will become a hard error at a later date, so please remove the offending configuration options and replace them with `dpkg --add-architecture' invocations at the command line. dpkg: error: --add-architecture takes one argument Type dpkg --help for help about installing and deinstalling packages [*]; Use `dselect' or `aptitude' for user-friendly package management; Type dpkg -Dhelp for a list of dpkg debug flag values; Type dpkg --force-help for a list of forcing options; Type dpkg-deb --help for help about manipulating *.deb files; Options marked [*] produce a lot of output - pipe it through `less' or `more' ! I've no problems yet, but since it says This warning will become a hard error at a later date I better do something about this. When I search 'foreign-architecture', I find an empty file, containing not a single byte. I somehow can't delete that file. Please help, it's a kind of creapy...

    Read the article

  • Why does sshd give a different identification when connecting through netcat?

    - by Robbie Mckennie
    I have been attempting to create a way to ssh into a machine hiding behind a firewall. I set up my ssh client with the option Proxycommand /usr/bin/ncat -l 2000, and then I connect it to sshd with ncat <client> 2000 -c "sshd -i" on the server. It works in that I can get a shell on the server, but the server sends a different key than when I use normal ssh. So the question is, why? Is the key different when sshd is called in this unusual way?

    Read the article

  • dovecot rhel 5 installation fails because of newer libraries

    - by kayhan yüksel
    to whom it may respond to, we are trying to install dovecot (dovecot-2.2.10-1_14.el5.x86_64) on a RHEL 5.4 server and we get the error : [root@asgfkm /]# rpm -i dovecot-2.1.17-0_136.el5.x86_64.rpm uyarý: dovecot-2.1.17-0_136.el5.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 66534c2b: NOKEY hata: Failed dependencies: libcrypto.so.6()(64bit) is needed by dovecot-1:2.1.17-0_136.el5.x86_64 libldap-2.3.so.0()(64bit) is needed by dovecot-1:2.1.17-0_136.el5.x86_64 libmysqlclient.so.15()(64bit) is needed by dovecot-1:2.1.17-0_136.el5.x86_64 libmysqlclient.so.15(libmysqlclient_15)(64bit) is needed by dovecot-1:2.1.17-0_136.el5.x86_64 libssl.so.6()(64bit) is needed by dovecot-1:2.1.17-0_136.el5.x86_64 [root@asgfkm /]# but when we try to install requested libraries, it conflicts with the never libraries : uyarý: openssl-0.9.8e-27.el5_10.1.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID e8562897: NOKEY openssl-1.0.0-20.el6.x86_64 paketi zaten yüklü (openssl-0.9.8e-27.el5_10.1.x86_64 sürümünden daha yeni) this is happening with the other libraries also : libldap, libmysql, etc... Do you recommend --force option to install it or is there any other proper way around ? Thank you for your time,

    Read the article

  • SSL client auth in nginx with multiple server section

    - by Bastien974
    I want to implement ssl_verify_client in nginx. This works perfectly when I only have one server section, which listen to 443. In my case I have multiple, all listening on 443 but to different server_name. For one particular server (proxy.mydomain.com), I'm adding the SSL client verify, but when I test the connectivity with openssl s_client -connect proxy.mydomain.com:443 -cert xxx.crt -key xxx.key and then do a GET / HTTP/1.1 host: proxy.mydomain.com It's not working, 400 No required SSL certificate was sent I think nginx is not receiving the proper server_name and is directing it to the first server listening to 443. So I tried to listen on another port and it worked right away. What's the issue and how can I fix it ?

    Read the article

  • Is it possible to have zsh+keychain+tmux not ask for keys?

    - by Wayne Werner
    I'm using tmux and zsh, and I've recently been learning about ssh-agent and keychain. From the manpage for zsh, it says that it will source .zlogin only if the shell is, well, a login shell. Following advice I read, I stuck keychain --clear in my .zlogin, which worked perfectly. When I logged into the box I had to unlock my key. However, each time I create a new window in tmux, it clears/makes me re-add my key. This is a little annoying... but I can understand it if, in fact, each new tmux window is a login window. I haven't been able to find much help outside of the manpages on this topic. So is each new tmux window a login shell, or is there any way that I can make it not clear my keys only when I create a tmux window?

    Read the article

  • Apache https configurations

    - by sissonb
    I am trying to setup my domain name with a self signed cert. I created the cert and placed the server.key and server.crt files into C:/apache/config/ Then I updated my httpd.confg host to include the following, <VirtualHost 192.168.5.250:443> DocumentRoot C:/www ServerName mydomain.com:443 ServerAlias www.mydomain.com:443 SSLEngine on SSLCertificateFile C:/apache/conf/server.crt SSLCertificateKeyFile C:/apache/conf/server.key SSLVerifyClient none SSLProxyEngine off SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> Now when I go to https://mydomain.com I get the following error. SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. Can anyone see what I'm doing wrong? Thanks!

    Read the article

  • Windows 8 Activation - Product ID: Not available

    - by Guy Thomas
    The situation: I downloaded Windows 8 RTM from MSDN (I have a subscription). Naturally, I downloaded the product key as well. Windows 8 installed like a dream: lightning fast with no problems. I accepted the product key at the beginning of the install. Next, I thought I would download Updates, but they failed, so I checked the system's activation in Control Panel System. Problem: It returned "Product ID: Not available." There's nothing under "Windows activation" that I can click on, no blue links. I had a 'Chat' with MSDN, who introduced me to SLUI.exe. On Windows 8 it did nothing. (On Windows 7 it is supposed to bring up the Activation Menu). I phoned the Microsoft Activation number, they told me to contact MSDN. MSDN left the 'chat' by telling me to contact Microsoft! Hmm... I wonder if anyone at SuperUser can help?

    Read the article

  • curl can't verify cert using capath, but can with cacert option

    - by phylae
    I am trying to use curl to connect to a site using HTTPS. But curl is failing to verify the SSL cert. $ curl --verbose --capath ./certs/ --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: ./certs/ * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS alert, Server hello (2): * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. I know about the -k option. But I do actually want to verify the cert. The certs directory has been properly hashed with c_rehash . and it contains: A Verisign intermediate cert Two self-signed certs The above site should be verified with the Verisign intermediate cert. When I use the --cacert option instead (and point directly to the Verisign cert) curl is able to verify the SSL cert. $ curl --verbose --cacert ./certs/verisign-intermediate-ca.crt --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: ./certs/verisign-intermediate-ca.crt CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using RC4-SHA * Server certificate: * subject: C=US; ST=State; L=City; O=Company; OU=ou1; CN=example.com * start date: 2011-04-17 00:00:00 GMT * expire date: 2012-04-15 23:59:59 GMT * common name: example.com (matched) * issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3 * SSL certificate verify ok. > HEAD / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: example.com > Accept: */* > < HTTP/1.1 404 Not Found HTTP/1.1 404 Not Found < Cache-Control: must-revalidate,no-cache,no-store Cache-Control: must-revalidate,no-cache,no-store < Content-Type: text/html;charset=ISO-8859-1 Content-Type: text/html;charset=ISO-8859-1 < Content-Length: 1267 Content-Length: 1267 < Server: Jetty(7.2.2.v20101205) Server: Jetty(7.2.2.v20101205) < * Connection #0 to host example.com left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): In addition, if I try hitting one of the sites using a self signed cert and the --capath option, it also works. (Let me know if I should post an example of that.) This implies that curl is finding the cert directory, and it is properly hash. Finally, I am able to verify the SSL cert with openssl, using its -CApath option. $ openssl s_client -CApath ./certs/ -connect example.com:443 CONNECTED(00000003) depth=3 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority verify return:1 depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify return:1 depth=1 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 verify return:1 depth=0 /C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com verify return:1 --- Certificate chain 0 s:/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- Server certificate -----BEGIN CERTIFICATE----- <cert removed> -----END CERTIFICATE----- subject=/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- No client certificate CA names sent --- SSL handshake has read 1563 bytes and written 435 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-SHA Session-ID: D65C4C6D52E183BF1E7543DA6D6A74EDD7D6E98EB7BD4D48450885188B127717 Session-ID-ctx: Master-Key: 253D4A3477FDED5FD1353D16C1F65CFCBFD78276B6DA1A078F19A51E9F79F7DAB4C7C98E5B8F308FC89C777519C887E2 Key-Arg : None Start Time: 1303258052 Timeout : 300 (sec) Verify return code: 0 (ok) --- QUIT DONE How can I get curl to verify this cert using the --capath option?

    Read the article

  • How to turn off screen (DPMS) together with locking session in KDE?

    - by gertvdijk
    First of all, I'm aware a similar question for GNOME is asked here: "Switch off laptop backlight when locking screen". Objective I would like to turn off my screen on locking the session for power saving reasons. Actual problem Locking the screen on Kubuntu (KDE) inevitably triggers the screensaver as far as I can see. There's no screensaver option other than 'Blank screen' together with its background colour set to black that comes just close to my goal. It blanks the screen, but doesn't turn off the screen. Screen's backlight will still be on and not saving any power. Current workaround A workaround via a script + shortcut key is possible, however, it's just a workaround since it doesn't trigger on all ways to lock the session. Therefore, I think it should be possible to have it done more elegantly, for example by providing this option in KDE's configuration dialog of the screensaver. The workaround I am now using is the following. A script that locks the screen and turns off the screen: #!/bin/bash qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock xset dpms force standby and let it run with a shortcut key via a custom menu entry. It works. Here's why I consider it to be a workaround rather than a solution. It doesn't work for other ways to trigger the locking of the session. My actual question(s) Do I need to touching/patching KDE's source? If not what are my options? If so, could someone point me to where I can get started? what do you think is the recommended place in the GUI for configuration? I'm using Kubuntu 12.04 and willing to upgrade to KDE 4.9 or waiting for the 12.10 release.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 391 392 393 394 395 396 397 398 399 400 401 402  | Next Page >