Thursday, August 19, 2010

Certificate conversion

Quite a useful tool for conversion between the various certificate/keystore formats: The SSL Converter is a small web interface which allows you to upload a file from your hard drive. The format is usually detected automatically from the file extension. You select the target format and press "Convert Certificate" - that's it!

If you'd like to automate your further conversions, the site is even nice enough to mention the equivalent openssl commands.

Saturday, August 14, 2010

Bad news for Oracle

I think this is bad news for Oracle: Groklaw will cover the Oracle-Google litigation on Java patents allegedly violated by Android's Dalvik JVM.

Well deserved. If big companies believe that software patents are a good thing, then only because there is a balance between 'em. Assuming that Oracle is not by itself violating one patent or the other is ridiculous. Now Oracle has annihilated this balance. Just at the same time when they announced to drop OpenSolaris. I think they'll soon learn that Google is not the only opponent they have acquired. A pinprick (Bugzilla's main developer requests dropping Oracle support as a consequence of the patent litigation.) is only a pinprick, but we'll see how many of them will follow.

If I were a Google lawyer, I'd definitely follow Groklaw in the months and possibly years to come: Groklaw's much more than a pinprick.

Friday, May 21, 2010

Creating a self signed certificate

On development and test systems, you are ususally using a self-signed certificate. Why the SSL servers key needs any certificate at all, and cannot simply use its key pair, is beyond my imagination, but be that as it may: It wouldn't be a problem, if there would be a really simple way to create a self signed certificate. What is the problem with writing a simple program that asks me a few questions like "fully qualified host name of the SSL server", or "organization name" and in reply creates a private key and a self certified public key? My personal guess is that openssl's command line interface is so darned complex that it's hard to dare to make it simple...

But obviously, I am not the only one asking for such a solution. There is help: Red Hat Linux, Fedora, or CentOS are shipped with a really simple tool called "genkey". See

Thanks, guys!

Saturday, May 1, 2010

The future of cinema?

Last friday, Marie was celebrating her 6th birthday. Having successfully managed the celebrations with family and her friends, we felt that the three of us have earnt an after-birthday gratification. So we went to the next movie theater and into How to train your dragon.

It's the first time I was visiting a 3d movie. I remember that I've seen 3D films before on fairgrounds and more than 30 years ago, but the experience had been a little bit disappointing. Nevertheless, I was really curious.

Sitting in the cinema chair and looking at each other wearing the spectacles was fun, of course and a good opportunity to remember the blues brothers. Then the movie began.

Excuse me? This is it? The movie industries big hope, the style of already 25% of all movies in the cinema? (Apart from How to train your dragon, no less than 3 other of the movies offered that day have been in 3D.)

Honestly, there were some scenes when the 3D effect was really great. For example, riding on the night fury with Hiccup was pure joy. But that feeling went about 5 out of 95 minutes of the film. And what about the other 90?

Basically, the visual quality was really bad. I can't count the number of times when I've seen the horns on a vikings helm twice. Quite frequently, the picture was fuzzy and I had to strain my eyes. Compare that to the experience of a 2D movie when you just forget to think about the pictures, because there's no reason to consider the visual quality: You're concentrated on what happens, on what you came for.

I have to admit that I am not overly gracious to new stuff, if not adverse. But to me, visiting a 3D movie is like sending an SMS, rather than having a phone call: There is a much more comfortable, and enjoyable version of doing basically the same thing, which you are expected to intentionally forfeit.

I'm ready to try again in another 30 years. But, as far as I'm concerned, I'd rather stay at home than visiting another 3D movie. (And I'd be gladly watching How to train your dragon in 2D again, because I liked the film, apart from the 3D effect.)

Wednesday, April 14, 2010

My Nerd Score

... is surprisingly low:

Comes with the age, I believe. I'm getting lazier. :-)

Monday, February 15, 2010

Apache XML-RPC 3.1.3

Didn't expect another release of Apache XML-RPC this year. We had one last year and that should do for some time, shouldn't it? At least for such a relatively stable (read: boring) piece of code.

Unexpectedly, Johan H├Ągre detected a security issue: Due to the XML parsers standard configuration, it has been possible to include server side files as entities to the clients request. Vice versa, the server could add client side files to the response. Better fix that soon...

The new distribution is available from any Apache mirror at If the mirrors don't catch up fast enough, try