/etc/sysconfig/clock is removed after yum update in Amazon Linux 2


Simple version: If you follow AWS guide Setting the Time for Your Linux Instance to use /etc/sysconfig/clock to configure the timezone in Amazon Linux 2, you may not be able to find it after a yum update. So the suggested way to adjust time is to use timedatectl. For example: sudo timedatectl set-timezone Australia/Sydney Detailed … Continue reading /etc/sysconfig/clock is removed after yum update in Amazon Linux 2

Manage Private CA file in Python


The private CA signed certificate can cause SSL error in Python if the it is not trusted. How to manage it? Well, it really depends on the Python module that you use. I will give a few examples that I have seen so far. pip Pip is the popular python package manage tool. To check … Continue reading Manage Private CA file in Python

LDAP: error code 11 – This search operation has checked the maximum of 5000 entries for matches]


We have a Jenkins box that use OpenDJ as the LDAP authenticator. And recently we migrated the ldif data from the old OpenDJ to a new OpenDJ server, and reconfigured the Jenkins to use the new box. After that, the Jenkins authentication stops working. I noticed this message in the Jenkins log. It looks like … Continue reading LDAP: error code 11 – This search operation has checked the maximum of 5000 entries for matches]

Error response from daemon: error unmarshalling content: unexpected end of JSON input


It happened the other day that one user reported that he was unable to pull a docker image from an internal registry. So I tried from my laptop, it looked fine at the first beginning. There were a few downloading processed going on, but it threw the error¬†unknown blob at the end. So I tried … Continue reading Error response from daemon: error unmarshalling content: unexpected end of JSON input

Openssl error: SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol


If you see similar errors as below when using openssl to test a https site, it is most likely caused by the SNI that is configured in the reverse proxy or server, like Nginx. openssl s_client -connect bla.bla.com:443 CONNECTED(00000003) 51089:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/BuildRoot/Library/Caches/com.apple.xbs/Sources/OpenSSL098/OpenSSL098-59.60.1/src/ssl/s23_clnt.c:618: To make it work, you need to specify the hostname in the command, … Continue reading Openssl error: SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol