Letsencrypt Part Deux: Failed to connect to host for DVSNI challenge.

SSL Certficate Nerdery
All that work just to get a green lock!

I once worked at a job whose firewall was so idiotic, it did not allow access to blogs. Since 40% of blog entries are technical, I had to use my phone to do an end run around said idiotic firewall to do my job. I used that one blog post to make jQuery work with XUL (I know right!?) So it’s time to pay it forward.

I managed to get my secure certs from Let’s Encrypt renewed.  I ran:

letsencrypt-auto -renew

and got this error message (excerpted for brevity):

 Failed to connect to host for DVSNI challenge.

It turned out that an earlier futzing with the SSL stuff in ports.conf, I had changed away from the default entry, which is:

Listen 443

Putting that back to “Listen 443” worked. Apparently DVSNI (Domain Validation with Server Name Indication) is a way to prove you own the server.

I found a lot of solutions for folks on AWS and Cloudflare involving jiggering IP addresses and renewing the Google DNS cache, but I have a VPS from Rackspace so that wasn’t it for me.

I thought that having Apache 2.4.7 (because I’m on Ubuntu 14.04 LTS) would causes issues, but that turned out to not be the case, even though the dry-run only mentioned fullchain.pem, which will requires Apache 2.4.8 to work. The renew option also generates chain.pem and cert.pem as separate files. fullchain.pem is just those two files tacked together.

Of course the dry run did NOT show the DVSNI issue. I’m going to check back in a while and see if my automated cron job actually works now that I’ve done it manually.

Site look upgraded; Images now responsive

I read about WordPress 4.4 and I decided to play around with them. I like the look of 2016 so I switched to that and may keep on customizing it.

In order to save yourself some grief, although the below image does not show the srcset and sizes attributes in the Text (HTML) view in WordPress post editor, it does in the actual HTML. Confusing if you ask me.

cute-chipmunkI did have to install gd first though – I was only getting the uploaded size.  I have a Rackspace VPS though – I would hope other WordPress hosters would have that installed already.

I am quite glad to see that WordPress is getting on the responsive image bandwagon: given the number of sites run on WordPress, this should help make the mobile web faster for (literally) millions of people.

Fool’s Quest by Robin Hobb Review: Fitz & the Fool have a Magical Love Child


Massive Spoiler Alert again. 
For the first book in the new series, Fool’s Assassin, and The Farseer Trilogy and The Tawny Man series.  Oh, and the Rain Wild series too. Isn’t that some kind of record, spoiling three prior series in one book?

Continue reading “Fool’s Quest by Robin Hobb Review: Fitz & the Fool have a Magical Love Child”