Thursday, February 25, 2010

Install a new SSL CA cert to your iPhone



My company uses SSL certificates from IPSCA. They are cheap (especially for wildcard certs), but they also kind of suck (since they had a short validity and their level 1 intermediate cert expired 31 of Dec 2009).

To login to our Zimbra email over HTTPS I need to accept the new level 1 intermedia CA every time I want to read my email! Not funny and hence this:

Download the new SSL cert bundle from your CA. Send it as an email to any email account you have configured in your iPhone, press the attachement and you will enter a config program, select Install on your certificate, (it will complain about it not being signed, but nevermind).

Presto! Now I can visit the email server again without the pesky SSL error.

Tip-of-the-hat goes to this forum that provided the clues for the answer.


---

Ok, so I was stupid, which goes hand in hand with reading blogs instead of thinking for oneself: I could have just visited the website and clicked on the .crt link in the browser. When that happens, the "Install Profile" pops up. Just click install, enter your pin and you are done. KTHXBYE.

Track your laptop?

I used to use Adeona (http://adeona.cs.washington.edu/) for laptop tracking, but since OpenDHT closed down Adeona kind of lost all usability. Today, after the whole story about the school that remotely enabled the webcam in the schools laptop to track their students, I got reminded of Adeona again :)

Oh, the irony in this! A-ny-way: I wanted something to replace Adeona, and I found http://preyproject.com/download instead. Just download and install! It is written in Bash/Perl so it is highly customizable. Since I rather prefer to keep my information myself I created a SSH cert and set it to upload files to one of my public systems instead of using their information center.

Wanna know more? Check them out! It's free, and it's even available for android!

BTW:
To enable scp of the data, set "post_method" to "scp" in /usr/share/prey/config, and set username/hostname at the bottom of that file. Also, since you probably want to run it as root, "sudo su -" and do "ssh-keygen" to generate a new cert. Upload this to a prey-user at your server and there you go!