Clipboard sharing not working in Virtualbox with Ubuntu guest OS

If this happens, make sure clipboard sharing is enabled in the guest settings.

If it still doesn’t work, re-insert the VBox Additions ISO to the guest OS and reinstall VBox Additions, reboot guest OS and try again.

It may work for a while until eventually breaking again if Virtualbox is updated. After upgrading Virtualbox, usually there will be a new version of VBox Additions.

Bad Gateway and request header too long errors in nginx reverse proxy server

When the response header is too large, nginx will reject it and return 502 Bad Gateway, this is because the default proxy buffer size is not large enough.

If you inspect the error.log file under /var/nginx, you will find this error

upstream sent too big header while reading response header from upstream

Change the following settings under location to fix this issue by making the buffers larger

proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;

After fixing this, if you encounter error: Request header or cookie too long. You can fix it by setting the buffer size for client header under server configuration context.

large_client_header_buffers 4 24k

Create a self signed root CA certificate that works in Chrome in Ubuntu using openssl

This was really a lot of work as I’m not familiar with SSL and openssl. Took me a few days digging the net and trying many things to eventually make this work.

I was trying to make a Ubuntu client to trust a Windows webserver.

A few things I learned

  • If your certificate only have Common name, but your Subject Alternative Name is not in the cert, Chrome will complain with error ERR_COMMON_NAME_INVALID
    • Which is inaccurate and misleading.
    • Apparently, Common Name has been technically obsolete for 2 decades(!) and now the domain name must be put in SAN, which requires using openssl extension.
  • Using New-SelfSignedCertificateEx from Microsoft to generate the cert in Windows, the cert will not be trusted in Ubuntu, for some unknown reason. However if you install the cert in a Windows client and browse the website, it works.
  • For some application, you need to have a Friendly Name in the cert.

Steps to do it

Instructions are from the below link

https://www.ibm.com/support/knowledgecenter/SSZQDR/com.ibm.rba.doc/LD_rootkeyandcert.html

Generate the private key of the root CA:

openssl genrsa -out rootCAKey.pem 2048

Generate the self-signed root CA certificate, with SAN, you need openssl 1.1.1

openssl req -x509 -sha256 -new -nodes -key rootCAKey.pem -days 3650 -out rootCACert.crt -addext “subjectAltName = DNS:<Your domain name>”

Refer to this stackoverflow question on how to add SAN: https://security.stackexchange.com/questions/74345/provide-subjectaltname-to-openssl-directly-on-the-command-line

Create a pfx file to install in Windows web server.

openssl pkcs12 -export -out rootCACert.pfx -inkey rootCAKey.pem -in rootCACert.crt -name “<Your domain name>”

Afterwards, import the pfx file to the certificate store of the Windows Server using Microsoft Management Console and configure your webserver to use this certificate.

For Ubuntu Client, install to ca-certificates

sudo cp rootCACert.crt /usr/local/share/ca-certificates

sudo update-ca-certificates

Test using cURL, you may need to configure DNS or hosts file

curl https://<Your domain name>

Chrome and Firefox use their own certificate stores, so you need to add the certificates through their settings GUI. cURL will still work if cert doesn’t have SAN, but Chrome will complain as mentioned above.

EF Core Update-Database failed with MySQL

When trying to use the code first approach of Entity Framework Core to generate database and tables using MySQL. When running Update-Database in the package console manager, it shows an error saying table __efmigrationhistory doesn’t exists.

After digging in Stackoverflow, it seems that it’s a bug with the official MySQL connector. And at the time of this writing with this version 8.0.20 and .NET Core 3.1, this bug hasn’t been fixed. The connector is supposed to create this table for migration.

https://stackoverflow.com/a/46090571/9191495

In order to solve this problem there are two solutions

-Don’t use the official connector, use Pomelo.EntityFramework.MySql

https://www.nuget.org/packages/Pomelo.EntityFrameworkCore.MySql

-Alternatively create, the table yourself

CREATE TABLE `__EFMigrationsHistory` 
( 
    `MigrationId` nvarchar(150) NOT NULL, 
    `ProductVersion` nvarchar(32) NOT NULL, 
     PRIMARY KEY (`MigrationId`) 
);

It’s a waste of time, but what can one do.

No Configuration values in ASP.NET Core app when debugging in Visual Studio Code

This is a stupid mistake.

Make sure that in launch.json, the value for cwd is correct and is pointing to the same folder as the DLL of the .NET Core app.

By default current working directory is set to the workspace directory, the appsettings.json file is not there, thus when running the app, it doesn’t have any settings.

Change DNS server in Ubuntu 18.04

In Ubuntu desktop 18.04, it seems that in order to change the DNS server, you need to open Network Manager in the UI and set the DNS server IP Address.

However it doesn’t work until you restart or run sudo netplan apply.

If you use Ubuntu server, you need to modify a yaml file within yaml file, then run netplan apply.

Not sure why doing so in Ubuntu desktop doesn’t work, though.

Read single aggregate historical values from OPC UA

When reading processed historical data from OPC UA server, if you don’t set processing interval, only one value will be returned.

So if you use aggregation function Max from StartTime to EndTime, if you don’t specify the processing interval, it will return the maximum value from start time to end time.

If you specify the processing interval to 1 hour, it will return multiple max values for each hour within StartTime to EndTime.

Windows server is not listed under Network

Refer to this link: https://social.technet.microsoft.com/Forums/windows/en-US/6e133d2c-d0b8-48b0-8b32-94d6b010a224/server-does-not-appear-under-network?forum=w7itpronetworking

“Network discovery requires that the DNS Client, Function Discovery Resource Publication, SSDP Discovery, and UPnP Device Host services are started, you may check this on both sides to make sure they are started.”