OK, it's been a while since I've set up a Linux server. Perhaps too long.
My most recent home box is a Fedora Core 23 server system. Installed fine; got my 24 TB XFS RAID system up and running (just needed a special RAID adapter kernel patch, no big deal) and got SSH, other things locked down.
There's just one problem. I couldn't get Samba to serve up some local shares. This is something that had worked just fine in its previous incarnations for me. I spent way, way too long (weeks, albeit with inconsistent and infrequent effort) figuring out that I hadn't correctly provided firewall access to the SMB protocol on my internal network.
Sigh. One little command and I'm back in business! What a head-slapper -- which is usually how these things go.
Wednesday, January 20, 2016
Wednesday, June 19, 2013
Google and S/MIME
I've been a happy customer of Google for some time now, as they service my email as well as provide other features -- like this blog!
One irksome thing I've run into lately, however, has been the use of S/MIME for sending digitally authenticated and/or encrypted email messages. (I've run into the issue because my employer offers digital ID certificates to authenticate official email messages, which is a great idea and a great service!)
I've since obtained a free email signing certificate from Comodo, a trusted signing authority for most browsers and email clients for my personal email account. Getting things to work with a Google Apps account (and/or the Gmail backend provided by Apps) has been a bit of a bear.
In particular, it seems that the Google Apps Sync (recently discontinued for non-paying members) Exchange implementation cannot properly pass the S/MIME digital signatures generated by iOS or Outlook. Instead of having a message be signed (and appear as signed by the recipient), the message is not signed and has a .p7s file attachment.
For now, a workaround is to use Google's SMTP servers to relay the message. In that scenario, everything works fine. (On iOS, this means abandoning Google Sync and push email -- a feature I enjoy.)
I've submitted a bug report with Google directly, since I'm a paying customer. After proving that I could configure Outlook correctly, and identifying that their Exchange servers were the common point of failure for passing S/MIME digital signatures, they promised to look into it as "it was an issue affecting many, many customers." I was also promised a resolution in a 1 -- 2 week timespan.
I won't hold my breath, but at least they're (supposedly) on the case. (This is because S/MIME support has been a problem for several years....)
One irksome thing I've run into lately, however, has been the use of S/MIME for sending digitally authenticated and/or encrypted email messages. (I've run into the issue because my employer offers digital ID certificates to authenticate official email messages, which is a great idea and a great service!)
I've since obtained a free email signing certificate from Comodo, a trusted signing authority for most browsers and email clients for my personal email account. Getting things to work with a Google Apps account (and/or the Gmail backend provided by Apps) has been a bit of a bear.
In particular, it seems that the Google Apps Sync (recently discontinued for non-paying members) Exchange implementation cannot properly pass the S/MIME digital signatures generated by iOS or Outlook. Instead of having a message be signed (and appear as signed by the recipient), the message is not signed and has a .p7s file attachment.
For now, a workaround is to use Google's SMTP servers to relay the message. In that scenario, everything works fine. (On iOS, this means abandoning Google Sync and push email -- a feature I enjoy.)
I've submitted a bug report with Google directly, since I'm a paying customer. After proving that I could configure Outlook correctly, and identifying that their Exchange servers were the common point of failure for passing S/MIME digital signatures, they promised to look into it as "it was an issue affecting many, many customers." I was also promised a resolution in a 1 -- 2 week timespan.
I won't hold my breath, but at least they're (supposedly) on the case. (This is because S/MIME support has been a problem for several years....)
Saturday, May 4, 2013
A Happy Birthday
Today, I turn 31. And what better things should I be doing than taking it easy, playing some Mega Man on the newly-updated Wii U Virtual Console, and restoring my wife's computer from a Windows 7 corruption?
Updating my near-extinct blog, of course!
I have been away from this website for more than a year, and what a busy time it has been!
Let's see...
Soon, I'll be making the transition into being an even more Responsible Adult as a newly-minted father. I can't wait!
Updating my near-extinct blog, of course!
I have been away from this website for more than a year, and what a busy time it has been!
Let's see...
- Decided to buy a house
- Decided to have a kid
- Bought a house
- Found out we're expecting a daughter -- she's technically due today!
- MOVED EVERYTHING WE OWN
- Wrote some papers, gave some talks
- Fostered several broods of kittens (oh so cute)
- A smattering of home improvement projects
Soon, I'll be making the transition into being an even more Responsible Adult as a newly-minted father. I can't wait!
Subscribe to:
Posts (Atom)