Contact: Mike Isely <isely at pobox dot com>

Also reachable at:

isely.net

Welcome to isely.net, my fairly sparse corner of cyberspace. Choose a topic below:

  • pvrusb2: Linux driver for Hauppauge WINTV PVR USB 2.0 TV tuner
  • Fun with MythTV Configuration
  • Isely/Iseli Family
  • Public mailing lists hosted here
  • Accessing this site with SSL
  • About this site
  • Barbershop Harmony Society Photos


  • Isely/Iseli Family

    If you are looking around for Isely/Iseli family members or related geneological information, you might be interested in looking at one of these sites:

    Yes, I'm a part of this family but I am more of a software hacker / driver nut / system adminstrator than an expert on family history. However with that said, there is a mailing list here that you may be interested in:

    Isely/Iseli Extended Family Mail List


    Accessing this site with SSL

    This web server is also configured for SSL transactions. Access is in the usual way with "https" substituted in the URL in place of "http". For example, the main page is https://www.isely.net.

    Why SSL? There are areas of this site that may require passwords for access. For example, if you have a list subscription then you need your password to get to your configuration page. I also plan on soon publishing a Subversion repository here, with the possibility for allowing authenticated commit access. In such cases passwords may travel in the clear unless action is taken to encrypt the traffic. These are the reasons why I have SSL set up. You are welcome to access the https version of those pages.

    Unfortunately things like that are never that easy, at least the first time. In order for a web browser to accept an SSL certificate from a server, it must be signed by a certificate authority ("CA") which your browser has to know about - which is how a path of trust is established, giving you confidence that the server you are talking to is in fact that intended server. But such signatures from any of the normal crowd of CAs costs money. I can do a self-signed certificate but that defeats the whole point of the signature process (and you'll definitely get a browser warning about an unknown CA in that case).

    There is one CA out there that is community supported and will issue signed certs for free: www.cacert.org. The SSL server cert for the www.isely.net site is properly signed by cacert. But... In order for your browser to recognize that signature, cacert's root certificate must be in your browser's list of known CAs and unfortunately this will likely not yet be the case for you.

    The upshot of all this is that when you access the SSL version of this site for the first time, you may get a browser warning explaining that www.isely.net can't be verified as a trusted site. If this happens you can usually either elect to trust my site anyway, or (and this is more elegant) you can install cacert's root certificate in your browser beforehand. Installing a root certificate is very easy; you only need to click on its link and the browser (well, Firefox at least) will prompt you through the process. Here's the link for cacert.org's root certificate:

    http://www.cacert.org/certs/root.crt

    If you don't trust clicking a random link for such a thing - and I'm paranoid so I wouldn't trust it - there are other ways to get that root certificate. (Maybe you should just mouse paste the link text to be sure...) One easy method if you're running Debian is to load the latest version of the ca-certificates package, whereupon you'll get a copy of the cert put into your system. The cert path in that case will be:

    /usr/share/ca-certificates/cacert.org/cacert.org.crt

    Paste that into your web browser to install the certificate. You only need to do this once; all subsequent accesses to anything under https://www.isely.net will automatically validate without any further annoyance.

    Gee, isn't SSL such fun? Not.



    About this site

    The machine hosting this site is running the Debian GNU/Linux operating system.

    The web server of choice here is Apache 2.0.

    Mailing list software in use here is Mailman



    Debian Apache