Why Safari or Chrome on Mac won’t accept your long-term certificate

In 2019 Apple started rejecting certs with a validity period longer than 825 days. In September 2020, the validity period can only be less than 398 days.


Nice writeup by Michal Spacek:

Process to Submit an App Hosted on Ubuntu 16.04 to AWS Marketplace

Preparing the VM

  1. Import the virtual-machine.ova into VMWare Workstation.
  2. Start the VM and login
  3. Remove the GUI and all unnecessary services 
    1. sudo apt purge -y ubuntu-desktop unity gnome-shell lightdm account-plugin-aim account-plugin-facebook account-plugin-flickr account-plugin-google account-plugin-jabber account-plugin-salut account-plugin-yahoo avahi-autoipd avahi-daemon avahi-utils bluez bluez-cups bluez-obexd gnome-bluetooth cups* empathy* evolution* firefox gnome*
    2. sudo apt -y autoclean autoremove clean 
  4. Update repos
    1. sudo apt-get update
  5. Fix Spectre/Meltdown without full upgrade which would break the app
    1. sudo apt install -y amd64-microcode linux-aws linux-euclid linux-gcp linux-gke linux-goldfish linux-kvm linux-oem qemu
  6. Install AWS requirements
    1. AWSCLI
      1. sudo apt install -y awscli
    2. SSM Agent
      1. mkdir /tmp/ssm
      2. cd /tmp/ssm
      3. wget https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/debian_amd64/amazon-ssm-agent.deb
      4. sudo dpkg -i amazon-ssm-agent.deb
      5. sudo systemctl status amazon-ssm-agent
      6. cd ~/
    3. Cloud-init
      1. sudo apt install -y cloud-init
      2. Add myusername to cloud-init
        1. sudo nano /etc/cloud/cloud.cfg
          1. default_user: name: myusername
  7. Remove public keys
    1. sudo rm ~/.ssh/authorized_keys
    2. sudo rm ~/.ssh/id_rsa.pub
  8. Change default passwords
    1. sudo passwd -l root
    2. sudo passwd -d whoopsie
  9. Shred things
    1. sudo shred -u id_rsa*
  10. Change SSH
    1. sudo nano /etc/ssh/sshd_config
      1. PermitRootLogin without-password
      2. PubkeyAuthentication yes
      3. AuthorizedKeysFile %h/.ssh/authorized_keys
      4. PasswordAuthentication no
      5. UseDNS no
  11. Remove SSH Host Key Pairs
    1. sudo shred -u /etc/ssh/*_key /etc/ssh/*_key.pub
  12. Regenerate OpenSSH host keys
    1. sudo dpkg-reconfigure openssh-server
    2. sudo systemctl restart ssh
  13. Shred more things
    1. shred -u ~/.*history
  14. sudo shutdown now
  15. Export VM to .ova

Import .ova as AMI

  1. Upload .ova to S3
  2. Import to EC2: Import .ova to AWS
  3. Launch the AMI
  4. Choose to create a new keypair
  5. Confirm you are able to ssh
  6. Share the AMI
    1. https://aws.amazon.com/marketplace/management/manage-products/?#/build.build-new 
    2. Click AMIs
    3. Click Unshared
    4. Select your AMI
    5. Change the OS Username to myusername
    6. Click Share AMI button

AWS Marketplace User Guide Best Practices

AWS Marketplace User Guide Product Policies











































PowerShell Script to Prevent Your Machine From Logging You Out or Sleeping While You Do Other Things

In certain environments, my development machine does not have access to the interwebs. I have to use a separate machine that is connected to the outside world to lookup a snippet or research a deeper issue. If I don’t think to tap the space bar at least every four minutes and 59 seconds, I have to re-authenticate to continue development. Then those dozen or so characters I’ve had to memorize interrupt me (Squirrel!) from the issue at hand; worse if I fat-finger the input. So here is a PowerShell script that does the mindless key tapping for me:

param($numKeyTaps = 90)
$wsShell = New-Object -com "Wscript.Shell"
for ($i = 0; $i -lt $numKeyTaps; $i++) {
Start-Sleep -Seconds 360
Write-Host "Tapped Numlock key"

Notes on Moving Meteor Development to WSL Debian


Turn Windows Features on and off, scroll down and check Windows Subsystem for Linux

Click on OK, and WSL will install. You’ll need to reboot to enable it.

From there, go to the Windows Store and choose your preferred Linux distribution. I used Debian.

Click on Get, install the distribution, and if you want, launch the terminal from the Start menu Debian Icon.

I use CMDR (https://cmder.net). It is superior to the default WSL Bash terminal and Windows Terminal for WSL support, multiple tabs and better character support. You’ll need the multiple tabs to run meteor and meteor mongo simultaneously.

Open up a CMDR WSL Bash terminal. You are in the home/user folder.

sudo apt update

Install curl
sudo apt-get install curl

Install Meteor
curl https://install.meteor.com/ | sh

Install MongoDB Tools, allows you to bulk import json data
sudo apt-get install mongo-tools

Install git
sudo apt-get install git

Create a Meteor app
meteor create –react ~/myapp
cd ~/myapp

Open a new WSL tab
meteor mongo

If you get an error like:
WSL Error:
Retrying after error { Error: SQLITE_IOERR: disk I/O error
=> awaited here:
at Promise.await
at Db._execute (/tools/packaging/catalog/catalog-remote.js:347:15)

You will need to:
vi .meteor/packages/meteor-tool/.1.8.1.ani1yi.p0f9s++os.linux.x86_64+web.browser+web.browser.legacy+web.cordova/mt-os.linux.x86_64/tools/packaging/catalog/catalog-remote.js

self._execute(`PRAGMA journal_mode=${JOURNAL_MODE}`);
Replace with:
self._execute(`PRAGMA journal_mode=TRUNCATE`);
Exit and Save (ESC :wq ENTER)

If you had to sudo vi running meteor may error with permission denied. So youmay need to:
chmod +rw .meteor/packages/meteor-tool/.1.8.1.ani1yi.p0f9s++os.linux.x86_64+web.browser+web.browser.legacy+web.cordova/mt-os.linux.x86_64/tools/packaging/catalog/catalog-remote.js

All of that should allow you to open multiple tabs while running meteor. Run meteor in the first tab then in the second tab import your data:
mongoimport -h localhost:3001 –db meteor –collection mydata –type json –file “./.db-json/mydata.json” –jsonArray

show dbs
use meteor
show collections
db.mydata.remove({}) – to delete all records

You can also:

Open explorer where you are:
explorer.exe . (that is a space and a period after the exe)

Open Visual Studio Code where you are:
code .

Other Notes:

meteor remove blaze-html-templates
meteor add angular-templates
meteor npm install –save angular angular-meteor

meteor remove static-html

meteor add accounts-password dotansimha:accounts-ui-angular
meteor npm install –save bcrypt

meteor remove insecure

meteor remove autopublish

Need to get Docker to work:

sudo apt-get remove docker docker-engine docker.io containerd runc
sudo apt-get update
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add –
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add –
manually add deb https://download.docker.com/linux/ubuntu bionic stable to software sources
sudo apt update
sudo apt-get install docker-ce docker-ce-cli containerd.io
sudo systemctl status docker
sudo docker run hello-world
sudo docker info
sudo docker version

sudo usermod -a -G docker $USER
sudo reboot

npm update caniuse-lite browserslist ???

docker build -t pipefitters .
docker run -d -p 80:3000 pipefitters
no workie


Duet Display on Windows. How to Rip it Out by Its Roots.

I tried to upgrade a working version of Duet Display on Windows 10. Installing the current version errors with “The older version of Duet Display cannot be removed”. Then it didn’t work anymore nor could I uninstall it.

If you can, uninstall duet display and kairos.
Uninstall everything Apple.
Delete these folders:
c:\program files\common files\duet display
c:\program files (x86)\common files\duet display
c:\program files\kairos
and anything that doesn’t look like it belongs in c:\users\chris\appdata\local\temp
Check the event viewer for cryptic folders where the .msi gets extracted.
In your registry, delete folders and keys named advinstanalytics, apple, bonjour, caphyon, duet display, kairos

Reboot (because Windows) and run the executable again. Repeat if necessary.

Kairos, you’re THAT developer.

Create Windows 10 Install USB Drive

How to create a bootable Windows 10 USB drive from the command line.

You’ll need the .ISO file for Windows 10.

Open the command prompt as the administrator, type “diskpart” without the quotes, and hit enter.

Plug in your USB drive. Type “list disk” without the quotes and hit enter. Take a look at the Size column and figure out which disk number your USB drive is.

Ours is number 1, so we’re going to type “select disk 1” without the quotes and hit enter. Adjust your disk number accordingly.

Now wipe the drive by typing in “clean” without the quotes and hitting enter.

Type “create partition primary” without the quotes and hit enter.

Then type “select partition 1” without the quotes and hit enter.

Next type “active” without the quotes and hit enter.

Finally, type “format fs=fat32” without quotes and hit enter.

When that’s done, type “assign” without the quotes and hit enter.

Mount the .ISO.

Close diskpart and open up cmd again. Type “xcopy g:*.* /s/e/f h:” without the quotes, where “g:” is the drive letter for your mounted .iso file and “h:” is the drive letter for your USB flash drive. Don’t worry if install.wim takes a while to copy: It’s easily the biggest file on the disc.

Type “exit” without the quotes and hit enter. You’re done. You can now install Windows 10 from your USB drive, either by booting from it or from within an existing installation of Windows.

Consume Volusion eStore API Using Meteor JS

The \server\main.js in this example performs an API call to your Volusion eStore, converts the response to JSON and inserts to MongoDB.

The \client\main.js makes the call and displays the data from MongoDB.

meteor create volusionapi

cd volusionapi

meteor add http peerlibrary:xml2js

Copy these files https://github.com/cjfleischhacker/MeteorVolusionAPI.git or create these files:


<h1>Welcome to Meteor!</h1>
{{> vapi}}
<template name="vapi">
<h3>List Courses</h3>
<p style="color: #ff0000; margin: 10px 0 10px 0;">
<table class="table table-hover">
{{#each courses}}


import { Template } from 'meteor/templating';
import { ReactiveVar } from 'meteor/reactive-var';
import './main.html';
Courses = new Mongo.Collection('courses');

Meteor.call(‘getJSONFromAPI’, function (err, res) {
if (err) {
} else {

Template.vapi.onCreated(function helloOnCreated() {

courses: function () {
return Courses.find();


import { Meteor } from 'meteor/meteor';
import { xml2js } from 'meteor/peerlibrary:xml2js';
Courses = new Mongo.Collection('courses');

‘getJSONFromAPI’: function () {
var apiUrl = ‘http://store.volusion.com/net/WebService.aspx?Login=email@mystore.com&EncryptedPassword=YourVolusionAPIEncryptedPassword&EDI_Name=Generic\\Products&SELECT_Columns=p.ProductCode,p.ProductName,pd.ProductDescription’

var response = Meteor.wrapAsync(apiCall)(apiUrl);
const result = xml2js.parseStringSync(response, { explicitArray: false, emptyTag: undefined });
for (var i = 0; i < result.xmldata.Products.length; i++) {
return result;

var apiCall = function (apiUrl, callback) {
// try…catch allows you to handle errors
try {
var response = HTTP.get(apiUrl).content;
// A successful API call returns no error
callback(null, response);
} catch (error) {
// If the API responded with an error message and a payload
if (error.response) {
var errorCode = error.response.data.code;
var errorMessage = error.response.data.message;
// Otherwise use a generic error message
} else {
var errorCode = 500;
var errorMessage = ‘Cannot access the API’;
// Create an Error object and return it via callback
var myError = new Meteor.Error(errorCode, errorMessage);
callback(myError, null);