Renewing SSL certificates for applications we deploy with Octopus Deploy is a straightforward task. We can go to the certificate store, replace the old certificate with the new one and the next time we deploy the certificate is on the server. If we need to update the certificate for Octopus Deploy itself, we need to go through more hoops that are not as clear. Let us see what we need to do.
A few weeks ago, I upgraded my Synology DiskStation to the newest version of the DSM 7.2 branch. The upgrade warned about a few incompatibilities, but I used none of them – at least I thought. While the upgrade went through without any problems, it took a while to notice an odd new problem. When I tried to log in via SSH, all I got was the access denied message.
Strange, then the Passwordless Backup with Synology DiskStation worked as it did before, yet I could not connect with the same credentials.
We run into a strange error last week when we no longer could install NuGet packages from our Azure DevOps feed. Visual Studio only gave us a basic error message about SSL connections, but to get some details we needed to run dotnet restore:
error : The SSL connection could not be established, see inner exception. error : Authentication failed because the remote party sent a TLS alert: 'HandshakeFailure'.
With new versions of Chrome come new security checks. An especially annoying new "feature" I found yesterday in the NDC Oslo workshop. A not fully configured Angular application had a problem that showed up in Chrome as a NET::ERR_CERT_INVALID error.
A few days back I lost my admin credentials to the Seq server on my development machine. Luckily, there is an easy way to reset those credentials and keep all your data.
For the last few months, the iOS WordPress application had more and more problems connecting to my self-hosted blog. Deleting it and reinstalling the app helped only for a short time. As there was no change in the situation with the new Jetpack application, I had to figure out what was wrong.
In one old web application I had to add a redirect form one endpoint to the address of the new application. Everything compiled without a problem, but as soon as I accessed the old address, I got this exception:
NWebsec.Core.Exceptions.RedirectValidationException: A potentially dangerous redirect was detected. Add the destination to the whitelist in configuration if the redirect was intended. Offending redirect: https://my.url.whatever
After I updated SonarQube to version 9.7, I got this strange entry in the logs:
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
If you try to create a folder with a leading dot, like the .well-known folder for domain validation or the security.txt, you may end up with the error "You must type a file name" on Windows Server:
As we were trying to combine a private key with a certificate into a pkcs12 file, we got this OpenSSL error: