Installing an Origin CA cert in Pound

Recently I was approached by one of the Cloudflare channel team as they advised all customers about Google's announcement about distrusting SSL certificates from two certificate authorities ("CAs"): WoSign and StartCom. Google's announcement joins Mozilla and Apple and now represents the majority of human-driven browsers. As I was using a…

Migrating into multisite

Quite often in my role as a Solutions Architect at Acquia, I'll see customers looking to bring sites under the multisite banner in order to enact a more controlled code governance model. Amalgamating codebases allows for a more controlled site development experience where 50 different sites can be thought of…

Verifying SSL certificates with drupal_http_request

Recently I was posed with the question about verifying self-signed SSL certificates with drupal_http_request(). The usecase here would be to use private APIs to surface information, secured with SSL, yet using an internally created certificate. By default, drupal_http_request() does not verify the SSL certificate of sites…

Making Nagios check OpenVPN

I've been slowly expanding the amount of automation that runs on the servers I personally maintain. With Puppet as my configuration management system I'm able to deploy changes to however many of my servers quickly and easily. Similarly, if any server dies a fiery death a new one can be…

Fighting back from Drupal hacks

The last thing any website owner, developer or administrator wants to hear is that they've been hacked. Whether the cause was the fault of insecure passwords, problematic file permissions, a vulnerability in the underlying code or the myriad other potential issues, it's an undesirable situation to be in. When Drupal…

Mounting Acquia locally with sshfs

One of the things that I've been working on recently as part of my MBOs with Acquia is related to learning and teaching Drupal 8. My latest self enforced task it to port the SimpleSAMLphp Authentication module and create a new and shiny D8 version. After migrating most of the…

Playing with augeas for fun and profit

Contrary to what Wikipedia says, the Augeas I'm using isn't at all related to the 5th labour of Hercules. Rather, it's a configuration editing tool and Puppet resource type used primarily to alter and control config files. After recently adding control of /root/.my.cnf to the manifests managing all…

Becoming Acquia Backend Specialist Certified

For the most recent Acquia Professional Services All Hands in Boston I took the Acquia Backend Specialist certification and passed! Following the helpful blog articles about the general certification from Tanay Sai and Webchick, I felt it was only responsible to speak about my experience during the backend exam. One…