Shibboleth opensaml – FatalProfileException – Message was signed, but signature could not be verified

Client asked to update our cert to their adfs. Couldn’t find a good way to troubleshoot this using google so started to examine all the configuration files in /etc/shibboleth.

Led me to federationmetadata.xml.

Found section keydescriptor that looked like a certificate so I added a new section with the new cert.

<KeyDescriptor use="signing">
<KeyInfo xmlns="">

SSL/TLS Strong Encryption: How-To

# "Modern" configuration, defined by the Mozilla Foundation's SSL Configuration
# Generator as of August 2016. This tool is available at
SSLProtocol         all -SSLv3 -TLSv1 -TLSv1.1
# Many ciphers defined here require a modern version (1.0.1+) of OpenSSL. Some
# require OpenSSL 1.1.0, which as of this writing was in pre-release.
SSLHonorCipherOrder on
SSLCompression      off
SSLSessionTickets   off


ntpq -pn

[email protected]:~# ntpq -pn                                                                         
     remote           refid      st t when poll reach   delay   offset  jitter                  
-    3 u   30   64    1    1.182   -0.029   0.000                  
+    .GOOG.           1 u   20   64    1   52.571    0.660   0.240                  
+    .GOOG.           1 u   20   64    1   36.033    1.016   0.176                  
-    .GOOG.           1 u   24   64    1  140.712    1.154   0.286                  
*   .GOOG.           1 u   23   64    1  126.636    1.082   0.233


Magento – Add images/icons to attribute options to replace placeholder image of your Magento products page


view.phtml around line 100 replace the if statement

<?php if($_item->getColor()): ?>

$optionId = $_item->getColor();
$optionIdurl = Mage::helper('attributeoptionimage')->getAttributeOptionImage($optionId)

<a href="#" class="color_swatch">

<?php if (strpos( $this->helper('catalog/image')->init($_item, 'small_image')->resize(100, 150), 'placeholder')) {
<img src="<?php echo $optionIdurl; ?>" />
} else {
<img src="<?php echo $this->helper('catalog/image')->init($_item, 'small_image')->resize(100, 150); ?>" />
<?php } ?>

<?php endif; ?>



some backup links using rsync

ElkarBackup is a free open-source backup solution based on RSync/RSnapshot

Automated Rsync Backup


Here’s how to setup an automated backup process using Rsync.

1. Test rysnc using a password. Here we will be copying files from /src-dir to /dest-dir on [email protected]

> rsync -rvz -e 'ssh -p 22' --progress /src-dir [email protected]:/dest-dir

2. Now let’s automate Rsync. Create the public and private keys on the source machine.

 > ssh-keygen

3. Copy the public key to username’s ~/.ssh/authorized_keys file in the destination machine.

 > ssh-copy-id "[email protected] -p 22"

4. Test SSH using key authentication.

> ssh "[email protected] -p 22"

5. Test Rsync using key authentication.

> rsync -rvz -e 'ssh -p 22' --progress /src-dir [email protected]:/dest-dir

6. Add Rsync to daily cron.

> cd /etc/cron.daily/
> echo 'rsync -rz -e "ssh -p 22" /src-dir [email protected]:/dest-dir' >> rsync.cron
> chmod u+x rsync.cron

7. In case you want to use a password instead (not recommended), you can use sshpass.

> rsync -rvz -e 'sshpass -p password ssh -l username -p 22' --progress /src-dir [email protected]:/dest-dir


Percona cluster failed

one of the nodes failed then the whole cluster went down.

shutdown mysql on all nodes

cat /var/lib/mysql/grastate.dat

check which node has the highest seq number

boot strap that node

service mysql bootstrap-pxc

then start the next node but before that

mv /var/lib/mysql/grastate.dat ~

service mysql start

this will start a full resync

wait till it finishes then start the same process on the next node.

WTF – VMware Update Manager 6.0 Install

I remember installing this was much easier back in da day….

First problem

Trying to find vmware update manager. There is no download link for it on vmware website. After much searching you’ll find it in the vcenter iso.

Second problem

.net 3.5 sp1 installation in windows 2012 can only be done through server manager. This is a big WTF. If your server isn’t online you need to run some command line that downloads it from a mounted windows 2012 iso. My server was having problems updating because of some firewall policies. Took a long time to figure this out.

Third problem

installing update manager needs a ODBC connection. I remember in the past it would install sql express but now you gotta do everything manually. Had to download sqlexpress. I downloaded 2014 microsoft sql express 64 and then needed sql server management studio to create a database. Well VUM doesn’t support 64-bit, you need to setup a 32-bit sql. And 32-bit mssql only works with 32-it sql server management studio. Finally after setting up ODBC I was able to complete the install.

Fourth problem

yes last problem. after all was said and done, vum service wasn’t talking to the database properly. The error didn’t say it couldn’t talk to database so couldn’t figure out for a while was wrong. I was looking up a bunch of stuff that didn’t help. Finally decided to look at event viewer. I should’ve done this first. Found that the SQL user SYSTEM was trying to access the db no permissions. I went to service manager and changed in properties, login as the administrator.



Shitty documentation installing magmi

When you install magmi and you access magmi/web/magmi.php initial login/pass will be “magmi/magmi”. After you setup db connection info it will use magento back office login/password.

create magmi/.htaccess

Order deny,allow
Deny from all

then create magmi/web/.htaccess

Order allow,deny
Allow from all
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.+)$
RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

Add passphrase to private key

You can still add a passphrase to a private key even after a certificate is generated.

openssl rsa -des3 -in your.key -out your.encrypted.key

mv your.encrypted.key your.key

the -des3 tells openssl to encrypt the key with DES3.

remove it

openssl rsa -in your.key -out

you will be asked for your passphrase one last time by omitting the -des3 you tell openssl to not encrypt the output.

mv your.key

FUCK: syntax error in /etc/sudoers file

[email protected]:~$ sudo
>>> /etc/sudoers: syntax error near line 33 <<<
sudo: parse error in /etc/sudoers near line 33
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin


[email protected]:~$ pkexec visudo -f /etc/sudoers
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/usr/sbin/visudo' as the super user
Multiple identities can be used for authentication:
 1.  Admin User,,, (adminuser)
 2.  ,,, (krypt)
Choose identity to authenticate as (1-2): 2


svchost.exe high cpu on windows 7

svchost.exe high cpu on windows 7

used process explorer to figure out what service is taking up all the cpu. process explorer is a free tool from microsoft.

found it was dnscache.

read here to try disabling the dns service. I disabled the service and DNS resolution was working, but after a while it would stop and after reboots it wasn’t working either. Found at the bottom of the forum that processing the hosts file is what’s causing the slow down. Even though my hosts file had some entires from spybot it wasn’t huge. I replaced c:\windows\system32\drivers\etc\hosts with an empty and cpu usage was back to normal.


Pagespeed higher score for magento with cache-control

Add this at the end of .htaccess file

<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 week"
ExpiresByType image/jpeg "access 1 week"
ExpiresByType image/gif "access 1 week"
ExpiresByType image/png "access 1 week"
ExpiresByType text/css "access 1 week"
ExpiresByType application/pdf "access 1 week"
ExpiresByType application/javascript "access 1 week"
ExpiresByType application/x-javascript "access 1 week"
ExpiresByType application/x-shockwave-flash "access 1 week"
ExpiresByType image/x-icon "access 1 week"
ExpiresDefault "access 1 week"
<IfModule mod_headers.c>
 <FilesMatch ".(js|css|xml|gz|html)$">
   Header append Vary: Accept-Encoding
Header set Connection keep-alive



Create Download CMS Page on OpenCart 2.x Quick and Dirty



<?php echo $header; ?>
<?php echo $content_top; ?>
<div class="container">
 <div class="row"><?php echo $column_left; ?>
   <?php if ($column_left && $column_right) { ?>
   <?php $class = 'col-sm-6'; ?>
   <?php } elseif ($column_left || $column_right) { ?>
   <?php $class = 'col-sm-9'; ?>
   <?php } else { ?>
   <?php $class = 'col-sm-12'; ?>
   <?php } ?>
   <div id="content" class="<?php echo $class; ?>"><?php
//echo $my_custom_text;
//      var_dump ($download_result);
if ($download_result->num_rows > 0) {
   // output data of each row
   foreach ($download_result as $row){
       if ($row["download_id"]) {
       echo "<div class='download'>ID: " . $row["download_id"]. " - <a href='/system/download/" . $row["filename"]. "'>Download: " . $row["mask"] . "</a></div><br>";
} else {
   echo "0 results";
?><?php echo $content_bottom; ?></div>
   <?php echo $column_right; ?></div>
<?php echo $footer; ?>


class ControllerDownloadDownload extends Controller {
public function index() {
// set title of the page
$this->document->setTitle("My Download Page");

// define children templates
$data['column_left'] = $this->load->controller('common/column_left');
$data['column_right'] = $this->load->controller('common/column_right');
$data['content_top'] = $this->load->controller('common/content_top');
$data['content_bottom'] = $this->load->controller('common/content_bottom');
$data['footer'] = $this->load->controller('common/footer');
$data['header'] = $this->load->controller('common/header');

// set data to the variable
$data['my_custom_text'] = "This is my custom page.";
   $sql = "SELECT * FROM oc_download";
   $download_result = $this->db->query($sql);
//      var_dump ($download_result);
       $data['download_result'] = $download_result;

// call the "View" to render the output
if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/download/download.tpl')) {
$this->response->setOutput($this->load->view($this->config->get('config_template') . '/template/download/download.tpl', $data));
} else {
$this->response->setOutput($this->load->view('default/template/download/download.tpl', $data));

go to

reference:–cms-21737–cms-22054 – read comments for 2.x

[Prestashop] How to fix edit product and delete product in back office order

Test should work for any 1.6.x.x, but only tested on,, and

There is a problem with the token. orders.js is the new file and orders.js.bak is the original js file. You will see the token is pulled from the url/href.

[email protected] [/home/bozzolo/www]# diff js/admin/orders.js js/admin/orders.js.bak
< 				token: window.location.href.split('token=')[1].split("&")[0],
> 				token: token,
< 			query = 'ajax=1&token='+window.location.href.split('token=')[1].split("&")[0]+'&action=editProductOnOrder&id_order='+id_order+'&';
> 			query = 'ajax=1&token='+token+'&action=editProductOnOrder&id_order='+id_order+'&';
< 		var query = 'ajax=1&action=deleteProductLine&token='+window.location.href.split('token=')[1].split("&")[0]+'&id_order_detail='+id_order_detail+'&id_order='+id_order;
> 		var query = 'ajax=1&action=deleteProductLine&token='+token+'&id_order_detail='+id_order_detail+'&id_order='+id_order;


Fix for this: Can’t edit/add ordered products in an order page

[ERROR] WSREP: failed to open gcomm backend connection: 131: invalid UUID: 00000000 (FATAL) at gcomm/src/pc.cpp:PC():271

Headache: [ERROR] WSREP: failed to open gcomm backend connection: 131: invalid UUID: 00000000 (FATAL)
at gcomm/src/pc.cpp:PC():271


rename /var/lib/mysql/gvwstate.dat to /var/lib/mysql/gvwstate.dat.bak

service mysql start

Magento – Menu toggle dropdown broken in left column


moved javascript to the very bottom


var elm=jQuery(this),name=jQuery(this).attr('data-name').split('-')[1];
jQuery('.toggle-'+name).slideToggle( "slow",function(){
if(elm.text()==='- '){
elm.find('span').text('+ ');
elm.find('span').text('- ');


Magento – swatches slowing down site

The category page aka product-list page was really slow to load, about 25 seconds plus

To troubleshoot Magento’s cpu usage, first enable varien profiler

You can also try aoe_profiler

Found out it was the configurable swatches.

Tried the first method in this post.

My load time went from 25s to 10s. Then I tried the 2nd post which points to

Load time went down 3s

BTW I am running Magento

import sample magento magmi configurable product csv

I used the export all products dataflow as a template then started modifying it from there. Put configurable product at the end.

Added + in front of image url so that it will not add as exclude image

added 3 columns: media_gallery,super_products_sku,configurable_attributes

Used magmi to import the csv

in magmi enabled itemprocessors, “Magmi Optimizer, Magmi Magento Reindexer, Image attriutes processor, On the fly indexer, Configurable Item Processor”

BTW this was done on Magento 1.9.x

copy and paste as csv file and open in csv viewer like openoffice or excel


admin,base,Clothing,simple,,taka012c-Royal Blue-L,0,taka Knit Top-Royal Blue-L,,,+,,,,taka-knit-top-royal-blue-l,taka-knit-top-royal-blue-l.html,,1 column,Product Info Column,,,, ,Use config,Use config,No,No,Royal Blue,Enabled,No,Not Visible Individually,Taxable Goods,Casual,Knits,Short Sleeve,,L,,Female,”Loose fitting from the shoulders, open weave knit top. Semi sheer. Slips on. Faux button closure detail on the back. Linen/Cotton. Machine wash.”,The demure taka Knit features a semi sheer open weave and a forgiving silhouette. A nude camisole underneath keeps a stylish but conservative look.,,,3/1/13 0:00,,3/1/13 0:00,,,,210,,1,,,100,0,1,0,0,1,1,1,0,1,1,,,1,0,1,0,1,0,1,0,0,0,1,taka Knit Top-Royal Blue-L,0,simple,,,,,,,,/1/_/1_3.jpg;/2/_/2_2.jpg;/3/_/3_2.jpg;/4/_/4_2.jpg;/5/_/5_2.jpg,,
admin,base,Clothing,simple,,taka012c-Royal Blue-M,0,taka Knit Top-Royal Blue-M,,,+,,,,Taka-knit-top-royal-blue-m,Taka-knit-top-royal-blue-m.html,,1 column,Product Info Column,,,, ,Use config,Use config,No,No,Mint,Enabled,No,Not Visible Individually,Taxable Goods,Casual,Knits,Short Sleeve,,M,,Female,”Loose fitting from the shoulders, open weave knit top. Semi sheer. Slips on. Faux button closure detail on the back. Linen/Cotton. Machine wash.”,The demure taka Knit features a semi sheer open weave and a forgiving silhouette. A nude camisole underneath keeps a stylish but conservative look.,,,3/1/13 0:00,,3/1/13 0:00,,,,210,,1,,,100,0,1,0,0,1,1,1,0,1,1,,,1,0,1,0,1,0,1,0,0,0,1,taka Knit Top-Royal Blue-M,0,simple,,,,,,,,/1/_/1_3.jpg;/2/_/2_2.jpg;/3/_/3_2.jpg;/4/_/4_2.jpg;/5/_/5_2.jpg,,
admin,base,Clothing,configurable,”10,11″,taka012c,1,taka Knit Top,,,+,,,,taka-knit-top,taka-knit-top-1046.html,,1 column,Product Info Column,,,, ,Use config,Use config,No,No,,Enabled,,”Catalog, Search”,Taxable Goods,Casual,Knits,Short Sleeve,,,,Female,”Loose fitting from the shoulders, open weave knit top. Semi sheer. Slips on. Faux button closure detail on the back. Linen/Cotton. Machine wash.”,The demure taka Knit features a semi sheer open weave and a forgiving silhouette. A nude camisole underneath keeps a stylish but conservative look.,,,3/1/13 0:00,,3/1/13 0:00,,,,210,,,,,0,0,1,0,0,1,1,1,0,1,1,,,1,0,1,0,1,0,1,0,0,0,1,taka Knit Top,0,configurable,,,,,,,,;;,”taka012c-Royal Blue-L,taka012c-Royal Blue-M”,”size,color”

PHP message: PHP Fatal error: Class ‘SoapClient’ not found in …..php on line 134″ while reading response header from upstream, client:, server:, request: “GET /zeki893.php HTTP/1.1”, upstream: “fastcgi://”, host: “”


"PHP message: PHP Fatal error: Class 'SoapClient' not found in /usr/share/nginx/html/app/code/core/Mage/Usa/Model/Shipping/Carrier/Fedex.php on line 134" while reading response header from upstream, client:, server:, request: "GET /zeki893.php HTTP/1.1", upstream: "fastcgi://", host: ""


yum install php-soap

some stuff nginx stuff

Magento Customer List in Back Office Only One Page of Records

Thank you kalpesh!!!! I’ve had problem for a long time only showing one page of Customers in my ‘Manage Customers’ list and I was running I just upgraded to and finally decided to try to tackle this issue while I was working on the server. Found this post, and now I can see all 5000+ customers.
I wonder why Magento hasn’t fixed this issue since version 1.5!!!!

Copy Db.php file from magento / lib / Varien / Data / Collection / Db.php
Paste it to your local directory so the resultant folder structure would look like this:
magento / app / code / local / Varien / Data / Collection / Db.php

Now open this file to edit and replace getSelectCountSql function with below one

public function getSelectCountSql()

        $countSelect = clone $this->getSelect();

        if(count($this->getSelect()->getPart(Zend_Db_Select::GROUP)) > 0) {
            $group = $this->getSelect()->getPart(Zend_Db_Select::GROUP);
            $countSelect->columns("COUNT(DISTINCT ".implode(", ", $group).")");
        } else {
        return $countSelect;

Observium client setup notes

observium server on ubuntu

observium agent

wget http://x.x.x.x/apache
wget http://x.x.x.x/mysql
wget http://x.x.x.x/nginx


#setup agent
apt-get -y install xinetd wget
cd /etc/xinetd.d/
wget http://x.x.x.x/observium_agent_xinetd
cd /usr/bin/
wget http://x.x.x.x/observium_agent
chmod 775 /usr/bin/observium_agent
mkdir /usr/lib/observium_agent
mkdir /usr/lib/observium_agent/local
service xinetd restart
#monitor with mysql agent
apt-get -y install php5-cli php5-mysql
cd /usr/lib/observium_agent/local
wget http://x.x.x.x/mysql
chmod 775 mysql
echo "<?php \$mysql_user = 'observium_mon'; \$mysql_pass='xxx'; ?>" > /usr/lib/observium_agent/local/mysql.cnf

mysql -e "GRANT SUPER, REPLICATION SLAVE, PROCESS ON *.* TO 'observium_mon'@'localhost' IDENTIFIED BY 'xxx';"
apt-get -y install snmpd
cd /usr/bin/
wget http://x.x.x.x/distro
chmod 775 distro
cd /etc/snmp/
mv snmpd.conf snmpd.conf.orig
wget http://x.x.x.x/snmpd.conf
service snmpd restart

compiling cacti-spine 0.8.8d with mariadb on centos6

get the other libraries snmp, ssl, etc

yum install MariaDB-devel
ln -s /usr/lib64/mysql/
ln -s /usr/lib64/mysql/

then compile
if you get this error during make
common.h:143:18: error: mib.h: No such file or directory


cp /usr/include/net-snmp/library/mib.h .