Download the GeoTrust DV Intermediate CA file from https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422

Log in to the openfire admin UI ( http://server:9090/ ) and navigate to “Server Settings” -> “Server Certificates” and click on the “import” link ( http://server:9090/import-certificate.jsp ). Copy the appropriate sections from your certificate into the two text fields. Next, open the GT_QuickSSL_and_Premium_and_Trial_intermediate_bundle.pem file you just downloaded and paste the contents of this file into the certificate text field. Make sure there isn’t any space between the end of your certificate and the start of the intermediate certificates.

Here’s what the text field should look like given the intermediate bundle as of 2011:

-----BEGIN CERTIFICATE-----
Your certificate
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
MIID+jCCAuKgAwIBAgIDAjbSMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTAwMjI2MjEzMjMxWhcNMjAwMjI1MjEzMjMxWjBhMQswCQYDVQQG
EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMURG9tYWluIFZh
bGlkYXRlZCBTU0wxGzAZBgNVBAMTEkdlb1RydXN0IERWIFNTTCBDQTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKa7jnrNpJxiV9RRMEJ7ixqy0ogGrTs8
KRMMMbxp+Z9alNoGuqwkBJ7O1KrESGAA+DSuoZOv3gR+zfhcIlINVlPrqZTP+3RE
60OUpJd6QFc1tqRi2tVI+Hrx7JC1Xzn+Y3JwyBKF0KUuhhNAbOtsTdJU/V8+Jh9m
cajAuIWe9fV1j9qRTonjynh0MF8VCpmnyoM6djVI0NyLGiJOhaRO+kltK3C+jgwh
w2LMpNGtFmuae8tk/426QsMmqhV4aJzs9mvIDFcN5TgH02pXA50gDkvEe4GwKhz1
SupKmEn+Als9AxSQKH6a9HjQMYRX5Uw4ekIR4vUoUQNLIBW7Ihq28BUCAwEAAaOB
2TCB1jAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFIz02ZMKR7wAoErOS3VuoLaw
sn78MB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4ysxOMBIGA1UdEwEB/wQI
MAYBAf8CAQAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5j
b20vY3Jscy9ndGdsb2JhbC5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAB
hhhodHRwOi8vb2NzcC5nZW90cnVzdC5jb20wDQYJKoZIhvcNAQEFBQADggEBADOR
NxHbQPnejLICiHevYyHBrbAN+qB4VqOC/btJXxRtyNxflNoRZnwekcW22G1PqvK/
ISh+UqKSeAhhaSH+LeyCGIT0043FiruKzF3mo7bMbq1vsw5h7onOEzRPSVX1ObuZ
lvD16lo8nBa9AlPwKg5BbuvvnvdwNs2AKnbIh+PrI7OWLOYdlF8cpOLNJDErBjgy
YWE5XIlMSB1CyWee0r9Y9/k3MbBn3Y0mNhp4GgkZPJMHcCrhfCn13mZXCxJeFu1e
vTezMGnGkqX2Gdgd+DYSuUuVlZzQzmwwpxb79k1ktl8qFJymyFWOIPllByTMOAVM
IIi0tWeUz12OYjf+xLQ=
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw
WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE
AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m
OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu
T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c
JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR
Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz
PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm
aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM
TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g
LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO
BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv
dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB
AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL
NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26×1W
b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S
—–END CERTIFICATE—–


If you don’t include the intermediate cert data in the second field or the intermediate certs don’t match you’ll see errors such as “Incomplete certificate chain in reply”, “Failed to establish chain from reply” or “Certificate chain in reply does not verify: Signature does not match.”

If you see the message “invalid DER-encoded certificate data” then you most likely have an empty line between one or other of the certificate lines.

I’ve confirmed that this works with the Openfire 3.7 server and Empathy as the IM client.

The latest addition on Google Maps: Tiles for Sri Lanka, with the ability to search for any address.

View Larger Map

I have to travel to London next month, and started the usual visa application process. I’ve grown accustomed to filling these out, as I usually go through the visa process of some country every few months. The Schengen visa application is a two-page affair and is not too bad. The US application application isn’t that bad either. But then I filled out the UK online form just now - 93 questions scattered across 27 pages of an online-form!

One section was about “You stated that you had made an application to the Home Office to remain in the UK in the last 10 years. “, and requesting for more information. Under the “Granted or Refused” field, I entered “Granted”, but was then surprised to see that the form refused to proceed, instead marking the “Reason (if refused)” field as a required field. Brilliant.

Other compulsory questions:

• Your total monthly income from all sources of work or employment after tax
• Do you receive income from any other sources‚ including friends or family?
• Do you have savings‚ properties or other income‚ for example‚ from stocks and shares?
• How much of your monthly income is used to support your family member’s?
• How much do you spend each month on living costs?
• You stated that you have savings‚ property or income. Please give details

Then there were the usual “Are you a terrorist” type questions which are also on the US visa and entry forms. The last question in that block: “Have you engaged in any other activities that might indicate that you may not be considered a person of good character?”

Definitely the most intrusive and convoluted visa form I’ve come across.

In my earlier simple attempts at aggregating my online activities, I had set up my blog to cross-post to my Twitter stream, for my Twitter tweets to post back to my blog, and for my del.icio.us bookmarks to do a nightly aggregated post back to my blog too (which would of course also generate a tweet).

With the arrival of FriendFeed, though, all of this cross-linkage was unnecessary. Even more so, it was polluting my FriendFeed stream, with multiple events from different streams, all announcing the same thing.

And so, all the cross-posting is now turned off, and enjoy the simplicity of FriendFeed.

Facebook has a million and one applications. Among them are a number of IQ Test applications. Even to view someone else’s results, you have to install the app, with the corresponding permissions screen as shown below:

Now, maybe I’m not supposed to have the IQ to understand, but why should an IQ Test application need access to “your profile information, your photos, your friends’ info and other content that it requires to work”? Ah - maybe all that information is used to adjust your IQ score… you know, if you’ve used L33T-speak on your profile, that’s a -20 adjustment right there. Are you in a Palin supporters group? -30 for you! Photos of kittens? +5. Photos of dogs? +10!

Naah, quite unlikely. In my opinion, what should happen if you press that “Allow” button is the message: “Your IQ Score: 0″!

You might already have heard about the Freeze at Grand Central Station in NYC, the Freeze in San Francisco, and many others. Here’s my video of the Zürich Freeze:

The beginning of the video is not that great due to the backlighting.

The popularity of social networks can’t be denied, but it was still a surprise to find that the BBC had started adding social-bookmark links at the bottom of their news items. Specifically, they’ve added links to del.icio.us, Digg, Reddit, Facebook and Stumbleupon. Although the BBC does experiment a lot with new media, this was still quite unexpected. Looks like they aren’t the dinosaur they used to be! And it seems it’s not just the BBC readers/viewers who are exposed to Facebook - it seems that BBC staff and employees are jumping on the Facebook bandwagon, with the network having gone viral inside the beeb. Was that the reason these links were added?

I’m wondering what the reaction of people who haven’t yet been part of these networks will think once they see these icons. Will they be tantalising enough for them to go subscribe and start using a social network? Or will they simply be ignored? Would be nice to have access to some kind of stats on it.

Here’s a test to see what happens when you search for රොෂාන් (Roshan) and සෙම්බකුට්ටිආරච්චි (Sembacuttiaratchy) via Google Sri Lanka. Actually, that last search should eventually be a GoogleWhack. If you use Firefox, the pages might not render correctly. Make sure you have a font like Kaputa Unicode installed. If you use any flavour of Linux, you’ll have to follow the instructions from here to enable proper support and rendering.

I’ve just installed the Wordpress Twitter integration plugin, which means my blog post entries will update my Twitter page, and any Tweets posted would update my blog. Here’s a test to see whether it really works!

I’ve finally resurrected my blog, migrated it over to WordPress, and have a consistent theme across the main site, blog, gallery and code sections. Having done that, there’s several developments I have to share:

I’ve moved (again!). To those who know me well, this comes as no surprise as I’ve always had some form of “Gypsy” gene in me, giving me itchy feet if I’m in one place for too long which then causes me to move to a new place. And so it is that I left London after having spent four years there, and am now living and working in Zurich. After having spent several months dealing with interviews and work permit issues, I’m now working for Google in Switzerland.