Tuesday, March 27, 2012

A quick openvpn "oops" moment

I learned a quick, silly lesson today. I run some servers that tunnel using openvpn to facilitate our single sign on. I've migrated one before, and at the time, I foolishly did not create a new certificate/key pair for the new server and re-used the old one. During the point of the migration where I had both servers online at once, the two openvpn clients kept fighting - one connected, the other disconnected, and so forth, until I figured it out.

This time - I did things right - I generated a new certificate. HOWEVER, The subjects of the certificates were still the same, so they were being assigned the same IP address. This caused basically the same situation. Fortunately this time I was a bit quicker to realize. Make sure you differentiate your subject names when using openvpn. In general, you would already be doing this, but in the case of moving a server hosting a given domain from one box to another, since the domain name being served is the same there is an inclination to just type the same domain name in...don't do it. Make sure it's unique. Thanks for the forum post which lead to my answer, Jan Just Keijser!

I'm not sure if just the OU or CN must be different, or if both should be different. I erred on the side of caution and made sure both were distinct. I falsely assumed only the certificate itself had to be unique, but that's not the case.


This is a self-reminder blog post / post of shame. DOH!

Tuesday, March 20, 2012

World Time Buddy - an awesome timezone website

As the company I work for grows and has more users in remote areas of the globe, knowing what time it is for everyone gets tricky. We're in the US on the East Coast, but have employees in California, Hawaii, Germany, France, India, Ukraine, and other locations. A very simple site I found that does the best job I've seen is www.worldtimebuddy.com - hands down.

 Here is a sample of one I configured in around a minute and then bookmarked and shared:

















 I couldn't get a larger image to work well in this theme so to see this for yourself use this link.

It may not have the fanciest name or super sleek graphics, but its display of information is amazing. Above we see that:
  • It displays current times clearly for all timezones I care about in an easy to read/compare way. 
    • Everything is vertically aligned with readable values for easy comparison
    • I see whole-hour times for a 24 hour period
    • I see current exact times
    • I see offsets (+4, -6, etc) from my home time zone
    • It shows the current date in each time zone in an easy to follow way
    • It shows business hours, night hours, and late night hours in different colors
  • It alerts me to upcoming time changes - in this case, Europe's daylight savings equivalent happens 4 days from now
  • I can remove a timezone I no longer need with one mouseclick
  • I can change my home timezone with one mouseclick
  • Not visible in the above screenshot, but visible with the mouse cursor is the ability to drag and drop re-order timezones in any way I choose. I put mine in ascending order, but that isn't enforced, it was my preference. 
  • I can click link icon in the top right corner to get a link to the site containing my customizations, easily bookmarkable and shareable with coworkers.
  • New timezones can be added by using an autocompletable field (just start typing a city or country name)
I love the simple yet useful way it displays the timezones.If there is one area for improvement it would be a customized interface for mobile devices - you get the same, full webpage from a mobile device. It's still usable but the hover-able timeline does not work. Since it displays all of the hours it isn't strictly necessary, as you can still see the same information it just doesn't give it that extra focus if you want to pick a time for a meeting for people in vastly different timezones.

If you deal with multiple time zones a lot, definitely check out World Time Buddy.