Skip to content

Bens IT-Comments Posts

Fixing old SHA1-infested OpenPGP keys

I recently created a new OpenPGP key for my Apache (ASF) account. Of course I wanted to sign it with my existing GnuPG key I have since 2007. To my surprise, it failed with these error messages:

gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
gpg: signing failed: Invalid digest algorithm
gpg: signing failed: Invalid digest algorithm

It took me a few hours to figure out what’s wrong. Obviously something with SHA1, but GnuPG doesn’t tell you WHAT is wrong and HOW to fix it.

JAX-RS: getting helpful Json-B error messages

Json-B (not JSONB!), short for Json Binding, is a modern MicroProfile Java standard to convert json documents (json messages) to a java class and vice versa.

This standard is supported by most modern java application containers. But because of a definition gap in the Jax-RS standard, it is not as easy as initially thought to get proper and helpful error messages if an invalid JSON document is encountered in the POST request body of an endpoint. The ExceptionMapper will only work after applying a few tricks.

btrfs raid1 to combine two separate partitions

A btrfs raid1 means mirroring all data and meta data on file system level. If you ever found some of your data lost after a btrfs scrub, you might know this output:

scrub status for <UUID>
  scrub started at Thu Dec 25 15:19:22 2014 and was aborted after 89882 seconds
  total bytes scrubbed: 1.87TiB with 4 errors
  error details: csum=4
  corrected errors: 0, uncorrectable errors: 4, unverified errors: 0

If you happen to have free space on a spare disk left, you can circumvent these problems via a btrfs raid1 on filesystem level. The following article will help you migrate.