WinError 10013 when Sending Emails

In case you are intersted in sending emails from a windows machine with MacAfee Entrprise antivirus, you may end up with the “[WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions” error. To resolve it, disable the “Prevent mass mailing worms from sending mail” option under the Access Protection properties of the antivirus.

Getting back to the blog

We have all experienced quite a disruption to our lives since March 2020 due to the pandemic. One of them is the Work From Home (WFH) paradigm that so many of us have been practicing since the first lock down. This year, i.e. 2021, I will try to utilise some of the time saved due to WFH, to get back to blogging and perhaps give a new look to my website. May we all stay safe and healthy.

Monit service for your Tomcat server

I had it enough today with my My Tomcat server which occasionally runs out of memory and crashes! Therefore, I decided to install a service to monitor Tomcat and notify me if anything goes wrong. I decided to install Monit, its installation is quite straight forward unless you, like me, make stupid typos. In that case, you have no idea for example WHY you do not receive alerts in your mailbox. After installing the required packages for your linux distribution, you need to change the config file to state what is it that you want to monitor. In my case, I’m monitoring the port 8080 as added in the monit.conf file:

set mail-format {from: gmailAccount}
check host MYHEALTHFRAME_TOMCAT address 104.238.100.249
alert EMAIL1
alert EMAIL2
 if failed port 8080 protocol HTTP
 request "/"
 then alert

So basically if the request cannot be served from the port 8080, the stated emails will be notified. But don’t forget that you must mention the email server which Monit uses for sending messages. In my case, I use gmail. One extra note; if you are using gmail, you have to first login to gmail and accept the “less secure apps” option to be able to send emails remotely.

set mailserver smtp.gmail.com port 587
username "gmailAccount" password "PASSWORD"
using tlsv12

Once you’ve done this, you can enable the web-based administrator panel for Monit by adding these two lines.

set httpd port 2812 
allow USERNAME:PASSWORD

You are good to go! Enjoy maintaining your service to the world!

Participating in the ARMOR project

I participated yesterday in a study which was part of a Dutch national project called ARMOR; its goal is to develop a personalized system for training soldiers and helping them avoid injuries while training. As the first step, participants are hooked up with two sensors namely an accelerometer and a pressure sensor integrated in their boots. Then the participants are asked to walk for 30 meters while carrying different weights. This research is being conducted by Sofia Silveira, a master’s student of biomedical engineering who is doing her ERASMUS+ training program at UTwente.
ARMOR

Avoid ERR_SSL_VERSION_OR_CIPHER_MISMATCH

It’s Monday morning, you navigate to your service page and you realize that the SSL certificate has expired two days ago…

And this is how my week began! Since it was such a painful task to install the certificate on my virtual TomCat 7 server last year, I decided to follow the steps given by godaddy hoping that their tutorials had been updated. I followed these steps below. I will mention the steps things went wrong (step 2.2)

  1. Stop the tomcat service
    ps -ef | grep tomcat
    sudo kill -9 #PROCESS_NUMBER
  2. Go to my home folder
    1. generate a keystore
      keytool -keysize 2048 -genkey -alias tomcat -keyalg RSA -keystore tomcat.keystore
    2. First and Last Name— Enter your website FQDN; this is where I made a mistake. Since I had a single domain certificate, I should’ve entered myhealthframe.com but I entered *.myhealthframe.com instead and wasted 1 workday! The error I received was ERR_SSL_VERSION_OR_CIPHER_MISMATCH on chrome
    3. Enter the other required information
    4. Create the CSR (Certificate Signing Request) and send it to godaddy.
      keytool -certreq -keyalg RSA -alias tomcat -file csr.csr -keystore tomcat.keystore
  3. Download the certificates from godaddy
    1. For root certificate use gdroot-g2.crt. Download it from the repository section in GoDaddy.
      keytool -import -alias root -keystore tomcat.keystore -trustcacerts -file gdroot-g2.crt
    2. For intermediate alias use gdig2.crt. You can find it in the downloaded zip file.
      keytool -import -alias intermed -keystore tomcat.keystore -trustcacerts -file gdroot-g2.crt
    3. Finally for your domain certificate, use the numeric+alphabetic certificate.
      keytool -import -alias tomcat -keystore tomcat.keystore -trustcacerts -file A123456789.crt
  4. Update the server.xml file
    Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
       maxThreads="200" scheme="https" secure="true" clientAuth="false"
       sslProtocol="TLS" keystoreFile="path/to/keystore" 
       keystorePass="the password to your keystore" compression="on" />
  5. Start the tomcat service
    …/tomcat7/bin> sudo ./startup.sh

I hope that you wouldn’t make the same mistake and this post helps you to have a much more enjoyable Monday!