Let's Encrypt's root cert expired at the end of September just gone.
For the first time since then I tried running an old Python script on a Raspberry Pi. It failed with an all too familiar error message. In both python3, and with curl.
I never see these errors in my browser (because Firefox is great like that). Even when I didn't have the certs on my site fully configured it didn't matter because Firefox had the necessary root and intermediate certs.
So I tried curl on my Windows machine, and it worked, no errors. Okay, it's not the configuration of my site. It's the Raspberry Pi. I need to update its cert cache.
I found most of what I needed here. The certs I want are here. (We'll be picking up local certs, so changing into the same directory is important.)
sudo mkdir /usr/share/ca-certificates/local
cd /usr/share/ca-certificates/local
sudo wget https://letsencrypt.org/certs/isrgrootx1.pem
sudo wget https://letsencrypt.org/certs/lets-encrypt-r3.pem
sudo openssl x509 -inform PEM -in isrgrootx1.pem -outform PEM -out isrgrootx1.crt
sudo openssl x509 -inform PEM -in lets-encrypt-r3.pem -outform PEM -out lets-encrypt-r3.crt
sudo dpkg-reconfigure ca-certificates
When prompted choose 'ask'. Mark your new certs with an asterisk, choose 'ok', and wait for it to finish.
Test by trying that curl command again. All goes well, no more errors!
Great, let's try that script again. Nope! More errors. Now that our Raspberry Pi has the correct certs we need to update the Python certs. Enter an interactive session and find out where it keeps these certs.
python3
import certifi
certifi.where()
It says '/home/pi/.local/lib/python3.7/site-packages/certifi/cacert.pem'. Let's replace it!
rm /home/pi/.local/lib/python3.7/site-packages/certifi/cacert.pem
cp /etc/ssl/certs/ca-certificates.crt /home/pi/.local/lib/python3.7/site-packages/certifi/cacert.pem
Test by trying that python3 script again. All goes well, no more errors! Hopefully for real this time.
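A way to check what each bundle now contains, rather than relying on the script succeeding: this added example (not part of the original post) loads the system bundle and the certifi bundle, reports whether the root is present, and lists any CA certificates that have expired. It assumes the certificate in isrgrootx1.pem has the subject commonName "ISRG Root X1"; the `SAMPLE` entries are constructed for illustration.

```python
import os
import ssl
import time

def common_name(cert):
    """Return the subject commonName from a get_ca_certs() entry."""
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return "(no commonName)"

def load_bundle(path):
    """Parse a PEM bundle and return its CA certificates as dicts."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.load_verify_locations(cafile=path)
    return ctx.get_ca_certs()

def audit(certs, wanted_cn, now=None):
    """Return (wanted_cn present?, sorted names of expired CA certs)."""
    now = time.time() if now is None else now
    names = {common_name(c) for c in certs}
    expired = sorted(common_name(c) for c in certs
                     if ssl.cert_time_to_seconds(c["notAfter"]) < now)
    return wanted_cn in names, expired

# Constructed sample entries in the shape returned by get_ca_certs().
SAMPLE = [
    {"subject": ((("commonName", "ISRG Root X1"),),),
     "notAfter": "Jun  4 11:04:38 2035 GMT"},
    {"subject": ((("commonName", "Example Expired Root"),),),
     "notAfter": "Sep 30 14:01:15 2021 GMT"},
]

if __name__ == "__main__":
    print("sample:", audit(SAMPLE, "ISRG Root X1"))
    paths = ["/etc/ssl/certs/ca-certificates.crt"]
    try:
        import certifi  # optional; only checked if installed
        paths.append(certifi.where())
    except ImportError:
        pass
    for path in paths:
        if os.path.exists(path):
            present, expired = audit(load_bundle(path), "ISRG Root X1")
            print(path, "| root present:", present, "| expired:", expired)
```

Run it again after any `pip` upgrade of certifi, since a reinstall of the package replaces cacert.pem with the packaged copy.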