BLOG - THOUGHTS ON TECHNOLOGY & LIFE

Category Archive

Calling SSL secured sites via curl in an Apache chroot

Recently, I’ve had to troubleshoot an issue where we were running an Apache chroot environment and trying to use the Facebook PHP SDK in one of the hosted sites. We consistantly ran into the error message

curl: (77) Problem with the SSL CA cert (path? access rights?)

in our error_log, which threw us a curveball as it wasn’t happening in our local development environment.

After serveral hours of troubleshooting, we used strace to diagnose why this was failing. Using

strace curl -I -v https://api.facebook.com

while chroot’ed in the environment allowed us to see which libraries were failing to load.

We ended up needing to copy the following libaries into the appropriate location within the chroot environment (we’re using CentOS 6, x64 – so your paths may differ). They don’t appear to be linked under our default PHP5 installation.

  • /usr/lib64/libnsspem.so
  • /usr/lib64/libsoftokn3.so
  • /usr/lib64/libsqlite3.so.0

In addition to these libraries, we copied the following, also into the chroot:

  • /etc/nsswitch.conf
  • /etc/pki/nssdb/
  • /etc/pki/tls/

Hopefully this helps save someone some time and frustration in the future!

1 Comment »

New idea: (near) Daily Photo

So, it seems these days I have a lot of time to do things when I’m at work, but often by 5pm on a Friday afternoon, with still an hour to go, I’ve ran out of ideas. I thought I’d try and take a photo almost daily that best reflects my activities for the majority of the day using PhotoBooth — just to be quick and easy.
@ Work with OLPC

Today’s photo features me at work with one of the two OLPCs that the UTS Programmers Society took reciept of on Tuesday night. It’s quite a nifty little machine. Sometimes a bit slow and unresponsive, but for a cheap laptop it’s perfect!

- james 

No Comments »

My technology week from hell

So, usually I love technology. Usually I rant and rave about how it makes my life easier and how I’m able to do so many great things with technology that my friends just can’t understand.

Not this week.

Last weekend, I went back home for the Australia Day long weekend, which was fantastic — catching up with friends and family for the last time before I’ll head back to Uni. While I was away, I did some package updates on my server in Sydney which I use as a Network Attached Storage (NAS) device, as well as an internal VoIP server. Primarily I updated some NFS (networked file system) packages, thinking that it was the right thing to do — of course which it usually is.

When I returned back to Sydney, my MacBook died on the Monday I returned within hours of me walking in the door. .Mac, which is temperamental at the best of times, failed to sync my iCal calendars properly (while successfully syncing everything else), so I’ve got no recent copy of my calendars — which has left me without any idea of what I’m specifically doing this week.

So, I’ve been using my old PowerBook G4 as a portable machine once again. Unfortunately though, my NFS server has broken (due to what I think is the package updates I did) and so iTunes doesn’t work because my entire library is stored on my NAS which has made it difficult to listen to my favourite podcasts and downloading music from the iTunes store.

Right now, I’m waiting for people who are smarter than I, to write back to my posts in the great linuxquestions.org forums. My MacBook is in the AppleCentre Service Department at Broadway (thank goodness for the 1 year warranty with all Apple products), and I probably won’t get it back for a few weeks judging by the experience of a friend who took his MacPro in to the same centre recently.

At least I’m not totally cut off from the world – my PowerBook is still going strong, even with a short battery life these days. Hopefully, I’ll be able to post in a week and thank a whole bunch of people from LQ’s and the AppleCentre for their support – but right now, I’ll just sit tight and hope for the best.

-james

No Comments »