The day before yesterday, in the freezer compartment, I found green peas I had forgotten. I decided to make bean paste for 水羊羹(みずようかん). Boiled and mashed, but I thought the peels must have given us bad texture. So I changed my plan which was making 粒餡(つぶあん). 粒餡 is made of whole beans. To make 漉し餡(こしあん), I need a mesh strainer. When we make 漉し餡, we must remove peels and mash peas more smaller. So I looked for my strainer, but I couldn’t find it, oops. I always act after the event, he-he.
Where has my strainer gone? I did not have used it for years, well I had no choice. I made 漉し餡 without Japanese strainers.
I had acceptable 漉し餡. ~~~~~≫ Now, I’ll show you my 水羊羹!!
Author: o6asan
Since WordPress that was version 3.7 had a ca-bundle.crt in its wp-includes folder, I’ve had troubles when I upgrade my WordPress Network. I misunderstood the message “Warning! Problem updating https://SITENAME.” meant one of my sites had a trouble, but now I think it meant the first site the WordPress checked out was wrong and the WordPress had no information about the rest of my sites.
First I had the “Error message: SSL certificate problem: self signed certificate in certificate chain” because I use a self-signed certificate. But Oiram gave me its solution. All I need is to add my CA cert data to the ca-bundle.crt.
Next I had the “Error message: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure”. I’ve had a hard time with this trouble for more than two months. Finally, I have the complete solution of this today \(^o^)/.
I look back now and think the trouble had three issues.
- My client.crt had no ssl_client extension. so I re-made a client.crt with ssl_client extension like this. The reference of this is “sslv3 alert handshake failure when using SSL client auth”.
First, I added the next text to the end of my openssl.cnf.[ ssl_client ]
basicConstraints = CA:FALSE
nsCertType = client
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth
nsComment = “OpenSSL Certificate for SSL Client”And I made a new client.crt with ssl_client extension.
>openssl ca -config openssl.cnf -policy policy_anything -extensions ssl_client -in client.csr -out client.crt- With the old client.crt, I had the next two errors when I did “openssl s_client -connect o6asan.com:443 -cert client.crt -key client.key -CAfile cacert.pem”. But, the new one gives no error.
- error:14094418:SSL routines:SSL3_READ_BYTES: ~
error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure: ~ - Of course I re-made a new clientcert.p12
- At “Upgrade Network”, WordPress uses cURL. But cURL doesn’t accept P12 format certificates. So I need PEM format certificates.
- To make a clientcert.pem from the clientcert.p12
>openssl pkcs12 -in clientcert.p12 -nokeys -clcerts -out clientcert.pem - To make a clientkey.pem from the clientcert.p12
>openssl pkcs12 -in clientcert.p12 -nocerts -out clientkey.pem
To make a copy of the clientkey.pem and remove the pass phrase from it.
>copy clientkey.pem cp_clientkey.pem
>openssl rsa <cp_clientkey.pem> clientkey.pem
- To make a clientcert.pem from the clientcert.p12
- To tell my WordPress the places of the client certificates.
- To add the following lines to just before the line “curl_setopt( $handle, CURLOPT_CAINFO, $r[‘sslcertificates’] );” in the file class-http.php.
curl_setopt( $handle, CURLOPT_SSLCERT, 'the exact path of clientcert.pem' );
curl_setopt( $handle, CURLOPT_SSLKEY, 'the exact path of clientkey.pem' );
I hate to change WordPress core PHP scripts, so I try and try other methods, but nothing is useful. After all, I add the lines above to the class-http.php.
To copy the clientcert.pem and the clientkey.pem to somewhere in the server, somewhere means a safer place anyone cannot access via the Internet.
This reference is Client URL Library.
- To add the following lines to just before the line “curl_setopt( $handle, CURLOPT_CAINFO, $r[‘sslcertificates’] );” in the file class-http.php.
If you need how to create certificates, see the post “WordPress: Administration Over SSL #1”.
Now the error has gone. I’m happy, clap,clap!!
In my previous post, I wrote “Tried Windows8.1 Pro on the laptop PC (NJ2100), and failed”. But I’ve updated to Windows8.1 Pro(x86) on the NJ2100 after all.
Before starting update from Store, I deleted the SiS Mirage 3 Graphics driver based on R529_Logo.zip. If not deleting, I would have the error “0xC1900101 – 0×30018”. As I deleted the driver, I was able to finish the update. But I would have the trouble again if I install the driver after updating. So, I cannot use the monitor resolution 1440×900 now. I use the the MS Basic Display Adapter driver and take the monitor resolution 1280×768. See the Edit4.
After updating, I also found the Realtek High Definition Audio was disabled. So, I visited the Realtek official site, downloaded a 32bit_Win7_Win8_Win81_R275.exe and installed it. The latest driver version is 6.0.1.7246. But I had terrible noise again. Therefore I replaced ver. 6.0.1.7246 by ver. 6.0.1.5506 which is an NJ2100’s genuine driver for VISTA by EPSON. See the Edit.
Now, I can use Windows8.1 Pro(x86) on the NJ2100 without problems.
By the way, I have frustration about the way of 8.1 distribution. MS says Windows 8.1 for Windows 8 is equal to service packs for other windows. But we have the only way of its update from Store. Its size is very large, so its download takes very long time. If failed, we have to start again from very beginning. In early times, we can download the ISO file of 8.1 without an 8.1 product key, but now it is very difficult. Why do they give us a DVD or something?
Another complaint I have is the way of ‘Sign in’. I hate to use MS account to log in my PC. We can still use a local account when we log in our PC and can avoid MS account when we update to Windows8.1. But it is more difficult to find its steps. What does MS have in mind?
Every reboot gives me the Realtek High Definition Audio Codecs ver. 6.0.1.5506 disabled. I’ve tried re-installations several times, but I finally give it up. Now I use the High Definition Audio Device driver by MS. So I cannot use some of the device features, like stereo mix. I have no hope about it.
I had a DRIVER_POWER_STATE_FAILURE. I did “bcdedit /set disabledynamictick yes” again. At this moment, I feel better of it and expect this is continuing.
After my update to 8.1, I have a trouble with USB External Hard Drives which are unconnected from the PC very often. I change values about two of Power Options.
- About USB selective suspend setting —> Disabled.
- Control Panel
- System and Security
- Power Options
- Change Plan Settings
- Change advanced power settings
- USB Settings
- USB selective suspend setting
- On battery —> Disabled
- Plugged in —> Disabled
- Click Apply, then click OK.
- USB selective suspend setting
- About Turn on fast startup (recommended) —> Uncheck.
- Control Panel
- System and Security
- Power Options
- Choose what the power button does
- Change settings that are currently unavailable
- Shutdown settings
- Turn on fast startup (recommended) —> Uncheck
- Click Save changes
The above customization did not work for me. I still had the same trouble.
Yesterday, I found the page “Help! After installing Windows 8.1, my USB drive disappears or file transfers stop unexpectedly…“. The first half of the page told me I already did but the last half gave me new information. I tried and it is working well until now. See the page:
To disable suspend on idle for this device:
1. Obtain the hardware ID of the USB storage device.
2. Change the device setting in the registry.
By the way, the author added the note about 2014/4/8 Windows Update, but this reverting did not work for my USB HDD.
Oh, I almost forgot to write. I wasn’t able to find VID-PID at Hardware Ids. They were showed up at Parent.
After upgrading, I couldn’t watch WOWOW メンバーズオンデマンド. I had 6030. I installed and uninstalled Silverlight5 again and again. I deleted all things ( i.e. cache folder and mspr.hds) under ProgramDataMicrosoftPlayReady. But nothing useful. I thought really hard about why 6030 occurred. I doubted the MS basic display adapter driver. This gave the Generic Non-pnp monitor driver to NJ2100. Maybe Silverlight5 requires more than the Generic Non-pnp monitor for its DRM.
I could not give up WOWOW メンバーズオンデマンド because I enjoyed it before upgrading. So I decided to install the SiS driver from R529_Logo.zip. But this driver probably gave me ‘0xC1900101 – 0×30018’ on my first attempt to upgrade. So, I made a full backup image before my act.
Then I did install. Bingo!! I can watch WOWOW メンバーズオンデマンド now. And I have the 1440×900 resolution. Besides, I have no blue screen at this point. I hope this continues.
Yesterday I installed the SiS driver from R529_Logo.zip. I was comfortable to use the NJ2100 last night, and I went to bed.
Today I found a serious problem. When I turn on the PC, the mouse cursor has disappeared. It has never come back until I give up the SiS driver. This is a big trouble. Oops!!
Updating to MariaDB 10.0.11.
I’ve updated to MariaDB 10.0.11 on my server (Server OS : Windows7HP+SP1(x86)). I write the procedures as follows.
First, I backed up all the sever data. Especially, MariaDB and MyDB.
Next, I updated to MariaDB 10.0.11.
- Downloaded mariadb-10.0.11-win32.zip.
- Extracted the Zip archive.
- Control Panel >> Administrative tools >> Services
Select the MariaDB service name and stop. - Delete all contents in the MariaDB folder. Install the four folders named bin, include, lib and share and license files to the folder.
- Control Panel >> Administrative tools >> Services
Select the MariaDB service name and start.
That’s it.
I used this opportunity to update to phpMyAdmin 4.2.3 and this is its ChangeLog. If you need its configuration, see “phpMyAdmin 4.2.0 is released”.
I updated my Apache 2.4.9 to 2014 5 Jun version because of OpenSSL Security Advisory [05 Jun]..
It is built with ‘IPv6 Crypto apr-1.5.0 apr-util-1.5.3 apr-iconv-1.2.1 openssl-1.0.1h zlib-1.2.8 pcre-8.34 libxml2-2.9.1 lua-5.1.5 expat-2.1.0’. Its Changelog.
I really appreciate Steffen’s hard and quick work. Thanks again, Steffen.
Edit(Jun.9):
I found this on the Net, so linked to it as a reference.
OpenSSL Patches Critical Vulnerabilities Two Months After Heartbleed
Fireflies in my garden.
I can see fireflies in my garden this time of year. We call firefly/fireflies ホタル(蛍) in Japanese. I heard the word ホタル was derived from 火垂る. 火垂る is literally “fire dripping”.
By the way, to take a video of fireflies is very difficult for me, so the video is very very short. Strangely, I feel the firefly moving on the video is very faster than real one.
Microsoft Security Advisory 2915720 ???
Now we have June. On Microsoft Security Advisory 2915720 they announced “Changes in Windows Authenticode Signature Verification”, and the Advisory was first published at 10 Dec. 2013. They said “The change is included with Security Bulletin MS13-098, but will not be enabled until June 11, 2014.” and suggested this actions.
So I tested my PCs by “EnableCertPaddingCheck”=”1”, the PCs are a CF-J10(Win7 HP Sp1 64bit), an NJ2100(Win8 Pro 32bit), xw4200(Win7 HP Sp1 32bit) and KeyPaso(Vista Business SP2 32bit). But I have no troubles right now. Do you know what environments give me troubles under enabling CertPaddingCheck?
By the way, I found Microsoft Security Advisory 2915720 was Updated on 21 May 2014 and the enabling date changed from June 11 to August 12.
Updating to PHP5.5.13.
They released PHP5.5.13 on May-28 19:57:18UTC. So, I updated my PHP from 5.5.12 to 5.5.13 on my Web server (Windows7HP+SP1(x86)).
According to ChangeLog, this includes the fixes for CVE-2014-0237 and CVE-2014-0238. At this time, their Description is still ** RESERVED ** on the pages. CVE-2014-0237 is related to bug #67328 and CVE-2014-0238 is related to bug #67327.
The php.ini-production has no change. As the official PHP binary includes php5apache2_4.dll, I extract the zip archive and replace all PHP5.5.12 files with all PHP5.5.13 files except my php.ini. Then, I restart my Apache. That’s it.
If you need how to configure PHP5.5, please see the post. It is for a mbstrings user, but the information gives some help for you.
By the way, they announced their fourth and final beta should show up on the 29th of May. But we cannot see it still now. Do they have something wrong to delay final beta release? When will PHP5.6 come?
Edit(Jun.9):
They released PHP 5.6.0beta4 on June 5 UTC. This is the final beta version. They say their first Release Candidate should show up on the 19th of June. I don’t know how many RC shows up, but PHP 5.6.0 general availability will come anytime soon.
phpMyAdmin 4.2.0 is released.
phpMyAdmin 4.2.0 is released. Here is the ChangeLog. I’ve updated.
I downloaded a phpMyAdmin-4.2.0-english.zip, extracted it, copied my old config.inc.php to the phpmyadmin folder made by extracting, and uploaded all of them to the server (See “To create a Wamp-like Web Server in Windows7-#3.“).
By the way, when I compared the new config.sample.inc.php with my old one(=Ver.4.1.x), I found two lines were lost and seven lines were added.
The lost lines.
At /* First server */ area
/* Select mysql if your server does not have mysqli */
$cfg[‘Servers’][$i][‘extension’] = ‘mysqli’;
Does this mean they don’t support mysql modules anymore? (I noticed ‘Added warning about the mysql extension being deprecated and removed the extension directive’ in the ChangeLog.)
The added lines.
At /* Storage database and tables */ area
// $cfg[‘Servers’][$i][‘favorite’] = ‘pma__favorite’;
// $cfg[‘Servers’][$i][‘savedsearches’] = ‘pma__savedsearches’;
As a new parameter of the configuration
/**
* Whether to display icons or text or both icons and text in table row
* action segment. Value can be either of ‘icons’, ‘text’ or ‘both’.
*/
//$cfg[‘RowActionType’] = ‘both’;
So, when I logged on the new phphmyadmin at the first time, I got “The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click here.”.
By a clicking, I got the next three alerts.
$cfg[‘Servers’][$i][‘savedsearches’] … not OK [ Documentation ]
Saving Query-By-Example searches: Disabled
I had instructions, too.
Quick steps to setup advanced features:
Create the needed tables with the examples/create_tables.sql.
Create a pma user and give access to these tables.
Enable advanced features in configuration file (config.inc.php), for example by starting from
config.sample.inc.php.
Re-login to phpMyAdmin to load the updated configuration file.
To create the tables with the examples/create_tables.sql or by your hand, it is your choice. Further information about this, see “Configuration storage“. As I already had the pma user, I created the two tables manually. Then, I edited nine lines above in my config.inc.php, and removed “//” from the head of the next lines.
$cfg[‘Servers’][$i][‘favorite’] = ‘pma__favorite’;
$cfg[‘Servers’][$i][‘savedsearches’] = ‘pma__savedsearches’;
I re-logined to phpMyAdmin to load the updated configuration file. Mission complete.
WordPress3.9.1 Background Updates.
This morning I had a update message about WordPress 3.9.1 by an email. It is a minor maintenance release. But it includes 34 bug fixes and they say the fixes are very related to multisite networks.
List of Files Revised
readme.html
wp-admin/css/edit.css
wp-admin/css/forms-rtl.css
wp-admin/css/login-rtl.min.css
wp-admin/css/admin-menu-rtl.css
wp-admin/css/wp-admin-rtl.min.css
wp-admin/css/edit-rtl.css
wp-admin/css/forms.css
wp-admin/css/admin-menu.css
wp-admin/css/login.min.css
wp-admin/css/wp-admin.min.css
wp-admin/about.php
wp-admin/user/menu.php
wp-admin/includes/ajax-actions.php
wp-admin/js/post.min.js
wp-admin/js/customize-controls.min.js
wp-admin/js/post.js
wp-admin/js/customize-controls.js
wp-admin/custom-header.php
wp-admin/credits.php
wp-admin/freedoms.php
wp-includes/ms-settings.php
wp-includes/class-wp-editor.php
wp-includes/media.php
wp-includes/js/shortcode.min.js
wp-includes/js/customize-views.js
wp-includes/js/media-views.min.js
wp-includes/js/tinymce/plugins/wpview/plugin.js
wp-includes/js/tinymce/plugins/wpview/plugin.min.js
wp-includes/js/tinymce/plugins/wordpress/plugin.js
wp-includes/js/tinymce/plugins/wordpress/plugin.min.js
wp-includes/js/tinymce/plugins/wpeditimage/plugin.js
wp-includes/js/tinymce/plugins/wpeditimage/plugin.min.js
wp-includes/js/tinymce/plugins/wplink/plugin.min.js
wp-includes/js/tinymce/plugins/wplink/plugin.js
wp-includes/js/tinymce/wp-tinymce.js.gz
wp-includes/js/customize-models.js
wp-includes/js/mce-view.js
wp-includes/js/mediaelement/wp-playlist.js
wp-includes/js/mediaelement/wp-mediaelement.css
wp-includes/js/media-audiovideo.min.js
wp-includes/js/shortcode.js
wp-includes/js/media-views.js
wp-includes/js/customize-views.min.js
wp-includes/js/media-audiovideo.js
wp-includes/js/customize-models.min.js
wp-includes/js/mce-view.min.js
wp-includes/version.php
wp-includes/default-widgets.php
wp-includes/script-loader.php
wp-includes/media-template.php
wp-includes/ms-load.php
wp-includes/css/editor-rtl.css
wp-includes/css/editor.css
wp-includes/css/media-views-rtl.min.css
wp-includes/css/media-views.min.css
wp-includes/css/editor-rtl.min.css
wp-includes/css/editor.min.css
wp-includes/css/media-views-rtl.css
wp-includes/css/media-views.css
wp-includes/widgets.php
Edit:
After writing the post, I checked the new files out. I am very surprised that I found out 165 files removed. Most of them are kinds of css or js. They includes a lot of files related to TinyMCE. I heard several issues of the visual editor on WordPress 3.9. The troubles were maybe related to TinyMCE. I remember TinyMCE 4.0 merged into WordPress Core announce on this January. I think this probably influenced the behavior of the visual editor, so they had this acts. Do you think so, too?
List of Files Removed