Daily certificate updates

Forum about the Toon firmware, and its extensions

Moderators: marcelr, TheHogNL, Toonz

hvxl
Senior Member
Senior Member
Posts: 1965
Joined: Sat Jun 05, 2010 11:59 am
Contact:

Re: Daily certificate updates

Post by hvxl »

I read horror stories about the Toon 1 getting much slower than it already is with firmware versions after 5.0.4. That's why I didn't upgrade. I wasn't aware that it was still updating certain stuff behind my back.
Schelte
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: Daily certificate updates

Post by TheHogNL »

hvxl wrote:I read horror stories about the Toon 1 getting much slower than it already is with firmware versions after 5.0.4. That's why I didn't upgrade. I wasn't aware that it was still updating certain stuff behind my back.
It is true that the toon gets slower and slower, but from 5.30.4 (or something there) it got an update which speeds it up again. But then again, nothing new in the toon1, so really no good reason to update indeed. But we tend to change resource files only for new firmwares because it is hard to keep up the changes with older firmwares also. For example, the animations are hard to port back to older firmwares.

The only updates we push are support scripts which are sometimes necessary for custom apps to keep working, like the nlalert app this time. We can not make them per app dependent.
Member of the Toon Software Collective
TerrorSource
Administrator
Administrator
Posts: 494
Joined: Thu May 04, 2017 9:28 pm

Re: Daily certificate updates

Post by TerrorSource »

hvxl wrote:I read horror stories about the Toon 1 getting much slower than it already is with firmware versions after 5.0.4. That's why I didn't upgrade. I wasn't aware that it was still updating certain stuff behind my back.
It still has the tsc-support script running on it which makes sure that it stays activated, that you can install apps and that you can update whenever you want.
That also downloaded a new certificate for a specific app.

You can update towards 5.33.9 if you want to, makes the Toon1 a lot faster!
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: Daily certificate updates

Post by TheHogNL »

And just today a new mozilla root certificate file :)
Member of the Toon Software Collective
RomMon
Starting Member
Starting Member
Posts: 44
Joined: Mon Aug 29, 2016 9:05 pm

Re: Daily certificate updates

Post by RomMon »

@hvxl Running also into the same issue, you are not alone...
Think this started on 2-Oct.

Code: Select all

# cat /var/log/tsc
<snip>
Starting TSC support script (version 2.17)
Running 5.0.6 on a qb2
Allowing SSH in firewall rules INPUT table
Checking for updates
Running 5.0.6 on a qb2
There is a new version of the Mozilla CA pem file. Downloading it!
Download ok! Replacing Mozilla CA pem file!
mv: can't rename '/tmp/mozilla.crt': No such file or directory
Adding intermediate Staat der Nederlanden Domein Server CA 2020 - for NLalert API
/usr/local/share/ca-certificates/DomeinServerCA2020.crt: No such file or directory
Openssl DER to PEM failed for intermediate certificate. Trying next time.
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
I'm also missing /usr/local/..

Code: Select all

# ls -la /usr
drwxr-xr-x    9 root     root           608 Nov 28  2018 .
drwxr-xr-x   16 root     root          1520 Aug  6 22:46 ..
drwxr-xr-x    2 root     root         16400 Oct 10 12:30 bin
drwxr-xr-x    2 root     root           160 Aug 29  2011 games
drwxr-xr-x   14 root     root         11632 Nov 14  2018 lib
drwxr-xr-x    4 root     root           288 Aug  6 22:38 libexec
drwxrwxr-x    2 root     root          4064 Mar 11  2018 sbin
drwxr-xr-x   18 root     root          1288 Aug  6 22:45 share
drwxr-sr-x    2 root     root           160 Aug 29  2011 src
Just created the directory you found missing, and executed killall tsc:

Code: Select all

Starting TSC support script (version 2.17)
Running 5.0.6 on a qb2
Allowing SSH in firewall rules INPUT table
Checking for updates
Running 5.0.6 on a qb2
There is a new version of the Mozilla CA pem file. Downloading it!
Download ok! Replacing Mozilla CA pem file!
Adding intermediate Staat der Nederlanden Domein Server CA 2020 - for NLalert API
Updating certificates in /etc/ssl/certs...
2 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Looks solved, thanks!!
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: Daily certificate updates

Post by TheHogNL »

Yes solved. But that 5.0.6 version expects the certificates in another directory.
I look into it today to change the script to check the directory depending on the toon version.
Member of the Toon Software Collective
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: Daily certificate updates

Post by TheHogNL »

Just checked the certificate settings on older firmwares. It seems that they also look in /usr/local/share/ca-certificates if that directory exists. So you fix was good!
I'll add to the script to create that directory if it doesn't exist yet. That should be enough.
Member of the Toon Software Collective
hvxl
Senior Member
Senior Member
Posts: 1965
Joined: Sat Jun 05, 2010 11:59 am
Contact:

Re: Daily certificate updates

Post by hvxl »

TheHogNL wrote:And just today a new mozilla root certificate file :)
I didn't get that one yet. Reason: My toon wasn't allowed to access curl.haxx.se. :oops: But I think I have allowed all necessary sites now.
Schelte
Post Reply

Return to “Toon Firmware”