Having not used my trusty Sony Ericsson K800i for a few years, I decided to see if I could use the email feature on it to send photographs (uploading to blog, Tumblr, etc.). After configuring the FastMail account credentials and SSL for IMAP4 and SMTP, I was presented with TLS/SSL server certificate not authorized by known authority. Contact your email provider.
To fix this I needed to
- Obtain the necessary certificate from FastMail. This actually needed to be obtained from DigiCert who are the CA (Certificate Authority).
- Upload the certificate to the handset via Bluetooth.
(1) I could do with a FreeBSD system, (2) I chose to do on my Windows 8.1 laptop with convenient Bluetooth. I could have done both on my old Macbook.
Download the certificate from DiGiCert.
$ wget https://www.digicert.com/CACerts/DigiCertHighAssuranceEVRootCA.crt
Convert it to PEM format.
$ openssl x509 -inform der -in DigiCertHighAssuranceEVRootCA.crt -out DigiCertHighAssuranceEVRootCA.pem
Rename it to a format that is recognised by the K800i filesystem.
$ mv DigiCertHighAssuranceEVRootCA.pem DCHAEVR.crt
Now copy across to the Windows 8.1 machine. I used FileZilla to move everything with sftp. Once on the Windows machine, send DCHAEVR.crt across to the K800i via Bluetooth. I accepted the prompt on the handset to install the DigiCert certificate, then verified installation under Settings->General->Security->Certificates->Trusted certificates.
Finally, send email with no errors!
Many thanks to http://tjworld.net/wiki/SonyEricsson/K800i/InstallDigitalCertificate for details of how to install the actual certificate. I also referred to http://fastmail.wikia.com/wiki/ConfiguringFetchmail for details of the certificate but actually only needed the root certificate.
Up & running on AAISP internet today. I’m currently using the suplied Technicolor TG582n router and I have native IPv6 as well as a static IPv4.
A&A Speed Test
My connection is using a TalkTalk back-haul and I’ve been able to set my own line profile via the control pages at AAISP. They had initially set it for a 12dB s/n ratio but I’ve dropped it to 6dB and it looks good so far.
I’ve also done a check over at ipv6-test.com, again, acceptable results.
Some more work configuring another router when the time permits, but for now a perfectly acceptable service from AAISP.
After over five years on O2 Broadband it’s time to move on. O2 sold the broadband service to Sky (not a company I wish to do business with) and there is also uncertainly about the static IP service.
Final week on O2BB
I’m using OpenBSD 5.3 virtual machines running under either Virtual Box or Qemu. When I clone the hard drive, I need to create a new set of ssh keys for the server. If I just delete the old keys, sshd will not restart.
– will break stuff. So the correct way to do it (that works for me) is:
# /etc/rc.d/sshd stop
# mkdir /etc/ssh/old
# mv /etc/ssh/*key* /etc/ssh/old
# ssh-keygen -A
When the new keys have been generated, then I can re-start sshd. Once it’s started then I can delete the old keys.
# /etc/rc.d/sshd start
# rm -rf /etc/ssh/old
– and everything is rosy again.
Is great. I found a few catches though.
Installation and updates – I prefer to install this via FreeBSD’s ports system and portmaster. Once I have updated my ports tree It will build the installation and subsequent updates with # portmaster wordpress and take care of the dependencies (Apache web server, php scripting and MySQL database). Despite the installation it still leaves you, the admin to configure Apache, php and MySQL prior to being able to run the web-based WordPress installation script. It might be a one-click install but there’s a bit of prep work required to get you to that point.
Plugins – WP expects you to have a ftp server so it can log in and install plugins. I did try this briefly and wasted far too much time trying to get Proftpd installed. Instead I just grab the plugin [zip|tar.gz|tar.bz2] archive and install it myself using sftp.
To be continued.
Finally got this blog moved across to a FreeBSD server that supports IPv6 and WordPress is updating again. I’ve imported all the previous posts so all that remains is for me to produce some new material!
Apologies for the lack of a proper security certificate if you’ve arrived at the SSL version, it’s on the list of things to be fixed!
Probably the best ADSL router I have had to date. Slightly more expensive than a DG834v4 but infinitely more versatile.
This one has the Broadcom chipset which blows away the one in the 877.
I’m also running two ipv6 tunnels, one to SixXs and one to Hurricane Electric.
The only feature I found lacking was IGPs – It doesn’t support OSPF or Cisco’s proprietary EIGRP. OK it does have good ol’ RIP v1 and v2.
NickB uptime is 9 weeks, 5 days, 15 hours, 5 minutes
Stays up for a while… Good stable ADSL2+ Annexe A and Annexe M performance.
Cisco network equipment, being American, use Phillips cross-point screws for the case and bracket mounting screws. The NM and WIC modules, however, are slightly different, using a slotted-Phillips, or Borneo® screwdriver. These are available in the US from, amongst other places, Menards (SKU: 2377751). In the UK there is a comprehensive Facom range available from Machine Mart, you will need Item No: 040211109.
Use the wrong one and you risk damaging the screws or your screwdriver!
IOS Version 1130-k9w7-mx.124-10b.JA needed Internet Explorer version 6 for web configuration.
I obtained an AP-1242AG with a later IOS version 1240-k9w7-mx.124-21a.JA1. Checking the release notes for this version revealed that Firefox browser was now supported.
I then obtained a copy of 1130-k9w7-mx.124-21A.JA1 to upgrade my 1130.
Unlike FreeBSD, NetBSD pkgsrc does not install any rc.d startup scripts by default unless you add
into mk.conf(5). It does however copy them to
allowing you to manually copy them across.
Now I’ll get on with updating the IPv6 router project. I’m just installing WIDE-DHCP6 for stateless auto-configuration which should hand out IPv6 DHCP configuration to the clients.