ActiveMQ disable Diffie-Hellman ciphers to avoid “KeyUsage does not allow digital signatures” errors

Here’s how to do it:

transport.enabledCipherSuites=SSL_RSA_WITH_3DES_EDE_CBC_SHA

Add this parameter to URI in mqtt transportConnector (in your conf/activemq.xml config).

The need for this? I had a set of keys+certificates that were working perfectly fine on RabbitMQ, but on ActiveMQ I was getting “KeyUsage does not allow digital signatures” errors on client when it was validating server’s certificate.

I had no idea why this happened, googling revealed some fragmented info, in general I understood that my server’s certificate had “extension” “key usage” that indicated it didn’t allow (support?) digital signatures.

Screen Shot 2016-05-31 at 11.50.27 PM

Continue reading

Advertisements

Linksys WRT54GL automated DHCP renew

RouterResetter I’ve been having trouble with my Internet connection at home – from time to time the connection stalled and I had to make router renew IP via DHCP to get connection back (any my router is Linksys WRT54GL).

Don’t know whose fault it is – router or provider (I blame provider because this tends to happen more often at night, and I don’t think my router has a clock in it (-; ), but I’m not that good at networks to find the problem and fix it (especially if it’s at provider side – I can never convince them that something that happens “once in a while… oh wait, it just happened, yes!” (-: is their fault).

So I decided to make a little program that would do this for me – check Internet connection on timely basis, and make router renew IP if connection is dead (by sending POST request to it’s web interface page), so I wouldn’t have to do it myself (and also could leave downloads for night (-: ).
Continue reading