PHP: Fixing “ is using a unsupported protocol – This should never happen.” (again again)

After updating to PHP 7.4.10, I’m getting the dreaded “ is using a unsupported protocol – This should never happen. upgrade failed.” error message when running pecl upgrade. After a bit of searching, I found a post that suggests the command pear update would help. When I tried this, I got, “pear/pear dependency package “pear/Archive_Tar” … Read more

I Was Wrong (again): Let’s Encrypt Works For Me, Thanks to A2Hosting!

As often happens, when I bitch and whine about something, I’m bloody wrong! I was wrong about being unable to use Let’s Encrypt. No, the folks at EFF didn’t fix anything. It turns out that my hosting provider, A2Hosting took care of it for me, before I asked!! Yay A2Hosting! I took another look through … Read more

Still Fighting (and Failing) with Let’s Encrypt

I’m still fighting with Let’s Encrypt.  Like a Mac, it’s so easy to use, I can’t figure it out! UPDATE: A2 Hosting had the answer the entire time! Oops! Here’s an outline of my latest failure: says: python –public-key domain.csr > signed.crt I used: python ~/tmp/test/letsencrypt-nosudo-master/ –file-based –public-key domain-redacted.csr > domain-redacted.crt … Read more

Let’s Encrypt Sounds Good, But I Found its Easier Way to be Impossible

About  a year ago, the Internet Security Research Group (ISRG) launched an effort now called Let’s Encrypt to provide free (no cost) SSL certificates for web servers. The EFF (and perhaps others) have launched a set of tools known as certbot that aim to make getting and installing SSL certificates painless. My experience getting and … Read more

Getting Ready for 2016: SHA-2 (SHA256) Certificates and Apache

It seems Google has declared SHA-1 encryption insecure. Chrome now complains about sites using this protocol for secure (https) connections. From what I understand, certificates and servers should be upgraded before 2016 in order to be viewable by Chrome users. Once again, I turned to Qualys SSL Labs for help. Their SSL Server Test is … Read more


Yes, yet another Frank Zappa reference for an SSL issue! Woohoo! I really don’t see that the recently disclosed FREAK bug is easily expoitable.  It seems to me that a man-in-the-middle attack would be rather difficult to execute. My thought is that the attacker would need to control either DNS or routing, or be on … Read more

The POODLE bytes: Taming the Dog

Just yesterday, my supervisor forwarded me an email about the SSLv3 POODLE attack, and asked me if our servers were secured against this issue. I was forced to admit that I had never heard of POODLE, but that I’d do some research and get back to her. I Googled around a bit and found a … Read more