General

If it doesn’t belong anywhere, it belongs here.

Configuring my BIND/named DNS servers to operate from a hidden master via VPN for Let’s Encrypt

What is a hidden DNS master? If you need to ask that, this is not the blog post for you. This post assumes you already know how to configure DNS and just want ideas for your own hidden master. It also assumes the networking, VPN, and firewall are pre-configured for this. This blog post is

Configuring my BIND/named DNS servers to operate from a hidden master via VPN for Let’s Encrypt Read More »

pkg upgrade: Certificate verification failed for /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 2 IV Server CA

I noticed this on one FreeBSD server today: $ pkg -vv | grep url url: “pkg+http://services.unixathome.org/packages/103amd64-default-master-list/”, I decided: let’s use https, not http, there. After making the change (in my case, it was in /usr/local/etc/pkg/repos/local.conf, I tried upgraded packages, and it barfed: $ sudo pkg upgrade Updating local repository catalogue… Certificate verification failed for /C=IL/O=StartCom

pkg upgrade: Certificate verification failed for /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 2 IV Server CA Read More »

pfsense 2.3, now on FreeBSD 10.3 with pkg

I upgraded my pfSense box to 2.3 last night. Here is what I got: # uname -a FreeBSD bast.int.unixathome.org 10.3-RELEASE FreeBSD 10.3-RELEASE #4 05adf0a(RELENG_2_3_0): Mon Apr 11 19:09:19 CDT 2016 root@factory23-amd64-builder:/builder/factory-230/tmp/obj/builder/factory-230/tmp/FreeBSD-src/sys/pfSense amd64 These are the package repos they are using (as taken from pkg -vv): Repositories: pfSense-core: { url : “pkg+http://firmware.netgate.com/pkg/pfSense_factory-v2_3_0_amd64-core”, enabled : yes, priority

pfsense 2.3, now on FreeBSD 10.3 with pkg Read More »

Scroll to Top