Cisco UCS “Error creating TP . failed to verify certificate chain, error: Failed to split certificate chain”

The first time I saw this error message in UCSM when creating a TrustPoint by installing a Intermediate CA Certificate, I was lost…I have not idea on what the system is complaining about…

Turns out the system wants to have both Intermediate and Root CA put in together in sequence, like below:

—–BEGIN CERTIFICATE—–
<Intermediate Certificate Contents>
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
<Root Certification Authority Certificate Contents>
—–END CERTIFICATE—–

Get rid of IE11 on Windows 10 (only if absolutely need to)

Update: I kinda regret removing IE11 and wrote this post now. I had to bring it back to fix some weird issue…Without IE11, there are just stuffs stop working on windows 10. If you absolutely need to remove IE11, the use this post. Otherwise, just keep it to avoid unnecessary issues.

Microsoft has it not-so-painful to get rid of IE11 in Windows 10, jusing the “Control Panel\All Control Panel Items\Programs and Features” and then “Turn Windows features on or off”. However after reboot following the IE11 removal, there would be issue with openning html links in Outlook and Onenote for example, even new Edge Chromium is set as the default browser already… Here is a screenshot of the warning message…

Microsoft-Outlook-Your-organizations-polices-are-preventing-us-from-completing-this-action-for-you.jpg

The message is not intuitive at all. What it should really say is “there is no application to handle the HTML link”…

To fix it (for me at least on Windows 10 Pro v1909 Build 18363.752):

  1. Close the outlook/onenote/whatever application has the html link
  2. Open Registry Editor and find following key3.PNG
  3. Make sure the “(Default)” property is set with value “htmlfile”
  4. Modify the value as needed but do backup the registry first
  5. Navigate to following path in the registry editor2
  6. There should not be key “open” and its sub-key “command” listed. If there are, then it is a different issue for you and this post won’t help you.
  7. Create the key “open”, sub-key “command” and set the “(Default)” property to use Edge Chromium.3.PNG
  8. Close the Registry Editor and try the html links again.

 

NOTE: The html link should open in your preferred default browser set in Windows 10. It could be Firefox, Chrome or Edge Chromium regardless of the value set in step 7 above.

Auto Hide bookmark toolbar in Firefox v75

As of Firefox 69, the browser will no longer load userChrome.css by default. The toolkit.legacyUserProfileCustomizations.stylesheets preference needs to be manually set to true to restore this ability.

Until Firefox v72, the old trick was still functioning. With the help from Reddit and Github, here below are the steps to accomplish the same in Firefox v75 (most likely works for v72-74 as well):

  • Go to about:support within Firefox
  • Under Profile Directory, click on Open Directory
  • Create a folder called “chrome” without quotes
  • Enter chrome, right click and create a new text file. Name it “userChrome.css” without quotes
  • Copy and paste the CSS code below into userChrome.css
  • Restart Firefox (make sure “show bookmark toolbar” is checked already)

#PersonalToolbar{
--uc-bm-height: 20px; /* Might need to adjust if the toolbar has other buttons */
--uc-bm-padding: 2px; /* Vertical padding to be applied to bookmarks */
}

:root[uidensity="compact"] #PersonalToolbar{ --uc-bm-padding: 1px }
:root[uidensity="touch"] #PersonalToolbar{ --uc-bm-padding: 6px }

#PersonalToolbar:not([customizing]){
margin-bottom: calc(2px - var(--uc-bm-height) - 2 * var(--uc-bm-padding));
transform: rotateX(90deg);
transform-origin: top;
transition: transform 135ms linear 600ms !important;
z-index: 1;
}

#PlacesToolbarItems > .bookmark-item{ padding-block: var(--uc-bm-padding) !important; }

/* SELECT BOOKMARKS TOOLBAR BEHAVIOR */
/* Comment out or delete either one of these to disable that behavior */


/* Show when urlbar is focused */
#nav-bar:focus-within + #PersonalToolbar{
transition-delay: 100ms !important;
transform: rotateX(0);
}


/* Show when cursor is over the toolbar area */
#navigator-toolbox:hover > #PersonalToolbar{
transition-delay: 100ms !important;
transform: rotateX(0);
}

#PersonalToolbar:not([customizing]){margin-bottom: calc(-1px - var(--uc-bm-height) - 2 * var(--uc-bm-padding));}

Credit: https://github.com/MrOtherGuy/firefox-csshacks/blob/master/chrome/autohide_bookmarks_toolbar.css

Import Saved Logins to Firefox using csv/json file.

If you like me who want to take advantage of the Firefox Lockwise for password management, then check the procedures below to import logins to Firefox using csv file.

Likely you would need a pre-v70 Firefox install if your current firefox is updated. This might be due to the new lockwise.

Steps to Prepare your CSV file and convert to JSON format:

    1. Make sure the headers of CSV file, which contains all your logins, are “hostname”, “username”, “password”, like screenshot in the link.
    2. Convert the CSV file to the JSON format. There are multiple tools and scripts online to assist. I used miller tool on linux to do the conversion.
    3. mlr --icsv --ojson --jlistwrap cat sample.csv

Steps to import the logins:

  1.  On the Pre-v70 Firefox, enable the command line in Browser Console by access “about:config” and set “devtools.chrome.enabled” to be true.
  2. Open the Browser Console by pressing Ctrl+Shift+J
  3. Paste the code below to the Browser Console:
  4. When prompted, paste the content of your json file.

signons = '[{"username":"xxx","password":"xxx","hostname":"https://"},{more-logins}]';
if (logins = prompt("Logins JSON: [{},{}]",signons)){
try {
logins = JSON.parse(logins);
ChromeUtils.import("resource://gre/modules/LoginHelper.jsm");
LoginHelper.maybeImportLogins(logins);
} catch(e){ console.log(e); }
}

Now you would need to login to the Firefox account so the logins can be synced, which means you would be able to access them in your Firefox account lockwise. Once synchronization is done, you could delete the Pre-v70 firefox from your computer.

Reference&Credit:

https://support.mozilla.org/en-US/questions/1265250#answer-1239491

Auto Hide bookmark toolbar in Firefox (Deprecated in FF v72 and newer)

As of Firefox v72, this method is deprecated.

As of Firefox 69, the browser will no longer load userChrome.css by default. The toolkit.legacyUserProfileCustomizations.stylesheets preference needs to be manually set to true to restore this ability.

I used to install extension for firefox have bookmark bar autohide after opening a new tab. Now somehow that extension is not available on firefox add-on store anymore…But direction pointed by Reddit shows I actually does not even need that extension…

Here below are the steps for my Firefox 68 (might work for yours as well):

  • Go to about:support within Firefox
  • Under Profile Directory, click on Open Directory
  • Create a folder called “chrome” without quotes
  • Enter chrome, right click and create a new text file. Name it “userChrome.css” without quotes
  • Copy and paste the CSS code below into userChrome.css
  • Restart Firefox (make sure “show bookmark toolbar” is checked already)


#main-window #PersonalToolbar {
visibility: collapse !important;
opacity:0 !important;
margin-top: -23px !important;
transition: all 0.2s ease 0.2s !important;
}


#main-window[title^="Mozilla Firefox"] #PersonalToolbar,
#main-window[title^="about:newtab"] #PersonalToolbar,
#main-window[title^="New Tab"] #PersonalToolbar,
#main-window[title^="Firefox"] #PersonalToolbar,
#main-window[title^="Nightly"] #PersonalToolbar {
visibility: visible !important;
margin-top: 0px !important;
transition: all 0.2s ease 0.2s !important;
opacity: 1 !important;
}

Import OVF to VMware workstation

I recently have the needs to test some feature on the latest version of Cisco FMC and decided to install one on my VMware workstation. However when tried to import the OVF file, I ran into following issue:

pvscsi

 

 

 

 

I changed VirtualSCSI within OVF file under ResourceSubType to lsilogic. But that leaded to another issue: the SHA HASH not matching anymore when tried to import again… Luckily I found this post here.

I uploaded the ovf, vmdk and mf files coming from Cisco to my linux VM and run following: openssl sha1 *.vmdk *.ovf > *.mf

Then downloaded the only mf file back to my PC to overwrite the original one. Now the appliance is able to be imported to work in workstation 14.

P.S. Within VMware workstation, I also upgraded the VM compatibility setting and there does not seem break anything…

How to download CiscoLive! recording

UPDATE: Check the bottom of the article for updated method.

NOTE: Respect copyright and consider what you’re doing and WHY before you use this technique to download videos that may have been embedded for a reason.

I like to watch CiscoLive! recordings for training and studying. But not all the time that I have Internet access when I am Free…Plus there are times I just simply want to play the recording at 1.2/1.3x speed to save some time…

I found actually it is quiet easy to download the recording. I use Firefox but should be similiar to Chrome as well.

Steps:

  1. Load the video in browser
  2. Press “Ctrl+Shift+C” to open Web inspector on Windows. Do not have a Mac at the moment to find shortcut key.
  3. Click on the Video player inside browser
  4. The source link of the Video should be showing in inspector window
  5. Double click the source link to copy it
  6. Paste the link to a new browser tab
  7. Once the page loaded, right click on the video and “Save Video As…”

**************************************************************************************

Not sure exactly when, but CiscoLive! site changed its way to stream recorded videos and the above method stopped working… Here below is my current workaround to download from ciscolive.cisco.com.

Steps:

  1. Load the video in browser
  2. Press “Ctrl+Shift+E” to open Network Monitor in Firefox on Windows. Do not have a Mac at the moment to find shortcut key.
  3. Refresh or reload the page
  4. You should see tons of requests in the network monitor list
  5. Sort the list by File column and try to find the one entry with all digits value under the File column, such as 5803751421001, and likely the domain associated should be (at least currently): edge.api.brightcove.com
  6. Right click on the entry and select Copy Response
  7. Paste the response into notepad and search for MP4
  8. Here is an example
  9. Paste the link from response to a new browser tab
  10. Once the page loaded, right click on the video and “Save Video As…”

 

USB-Serial adaptor on Mac OS X

I have a USB-Serial adaptor (prolific pl2303 chip) and MBP Mac OS 10.11.4 for connecting to console of switches, routers and firewalls via screen. Since somewhere between Mac OS 10.11.2 and 10.11.3, the setup is broken as screen will hang if I exit the screen session and then try to reconnect to the device via USB-Serial adaptor. I did upgrade to the latest firmware from prolific page for Mac but did not help…So I started posting for help on Internet forums…

janm on Stack Exchange really helped. Here is the workarounds: use cu instead of screen on Mac for the task. The catch though is by default cu needs to be run with sudo. So,

  1. Type in the password everytime you try to connect to console.
  2. Use one of the followings to get rid of the password prompts:

OPTION 1: Create cu configuration file like “/Users/test/cu.conf” with content below and also create the lock folder accordingly. Run the cu command as “cu -I /Users/test/cu.conf -l /dev/cu.usbserial -s 9600 –nostop

lockdir /Users/test/cu_lockdir

OPTION 2(HIGHLY NOT Recommended): Run “sudo visudo” and uncomment the line below and save and exit.

 %wheel ALL=(ALL) NOPASSWD: ALL

BTW, I also opened a bug report with Apple and provided necessary debug but have not heard back yet…I think the screen compiled with Mac OS X changed on handling port open/close.