Debian Curl/PHP/wget etc show an certificate error falsely

Problem: curl php wget and others show a cert error like the following since 6. Oct 2021, even though the cert has not expired: The asked server uses a Letsencrypt certificate. Discussion: Currently Letsencrypt includes two chains for validation of the certificate: Cert -> R3 -> ISRG Root X1 (in new trust store) Cert -> …

Continue reading ‘Debian Curl/PHP/wget etc show an certificate error falsely’ »

F5 iRule Class Match Crash

Problem: F5 iRules with “class match” crash sometimes with this message: /Common/UA_DETECT – ambiguous option “-“: must be -all, -index, -element, -name, or -value while executing “class match [string tolower [HTTP::header User-Agent]] contains UA_STRINGS” Discussion: the class match command has optional parameters, when the HTTP header User-Agent starts with a “-” it gets intepreted by …

Continue reading ‘F5 iRule Class Match Crash’ »

Ubiquiti UniFi the Next Botnet ?

I tested a Ubiquiti access point today. UAP-AC-Lite seems to be a very good and cheap access-point. When you take it out of the box and connect it to the network it gets an IP address using DHCP and waits for a configuration. In this mode it sends broadcasts to find a controller and listens on port …

Continue reading ‘Ubiquiti UniFi the Next Botnet ?’ »