Rapid Web News

A variety of Internet firms have stated that online video streaming records have been broken over the course of the UK’s recent royal wedding.

“The royal wedding has broken records for the biggest ever live streaming audience online, according to a internet firms.

…

The BBC website meanwhile wobbled under the strain this morning as huge numbers of Britons accessed its coverage.

Visitors were intermittently greeted with an error message saying the website was experiencing “abnormal traffic” around the climax of the ceremony after 11am.

A spokesman said: “We are experiencing some technical issues with BBC Online due to the sheer weight of traffic, which may cause the site to be slower than normal in some cases.”

Other major websites appeared to be cope with the royal wedding, an event that was widely expected to break traffic records.

YouTube’s live stream, which was expected to attract 400 million viewers, ran smoothly.

…

Akamai, a major traffic carrier, said that its own record of 1.6 million concurrent live streams during the World Cup was broken.

And Livestream, which provided online video for the Associated Press and CBS, also said the royal wedding was its most popular stream ever.

It is likely to take several days before a complete picture of how many watched the royal wedding online emerges, however.

Network upgrades by mobile operators along the royal wedding route were successful in ensuring that well-wishers were able to call, text, tweet and update Facebook.

O2 and Vodafone installed temporary network base stations around Hyde Park and St James’ Park to double capacity. A spokesman for O2 said it was braced for 65 million royal wedding pictures to be posted online from smartphones.”

The Telegraph

The inventor of the web has said that governments must act to preserve the principle of net neutrality.

Sir Tim Berners-Lee told the BBC that legislation may be needed if self-regulation failed.

He been asked by the UK government to negotiate an agreement on an open internet between service providers and content firms like the BBC and Skype.

Sir Tim would prefer self-regulation by the internet industry, but progress has been slow.

“If it fails the government has to be absolutely ready to legislate,” he said.

“It may be that the openness of the internet, we should just put into law.”

Net neutrality, the idea that all traffic on the internet should be treated equally, has been a controversial issue in the United States and is now moving up the political agenda in the UK.

Net neutrality is an important issue in Internet related politics. Without net neutrality, Internet service providers could offer packages in which certain online services, such as video streaming websites, e-commerce websites or certain web applications have increased priority over other web services.

The concept of net neutrality is such that all data traffic on the Internet is treating in an equal manner.  This is already becoming an issue in the case of Internet services providers which shape traffic of certain types. This is often done to curb data usage for high-use customers. However, when other traffic is prioritised and ISP to Internet/web company partnerships come into existence, this could mean that we see ‘packages’ of Internet access which allow faster access to certain websites while leaving other sites (who may not be able to partner with ISP financially) out in the cold.

This is a technical post provided as advice to server administrators having issues with the HSBC payment gateway system.

HSBC have recently updated the SSL certificates on their payment gateway system. However it seems they did not provide the intermediate certificates for the certificate authority they used. This leaves the job of updating the CA bundles up to HSBC’s clients. The following advice refers to resolving the issue on a Linux server.

Step 1 – Check the problem is definitely related to an SSL Certificate mismatch

To do this, it is best to simply request the main secure-epayment API via curl. Running the following command will suffice.

curl https://www.secure-epayments.apixml.hsbc.com

If this issue is present, you will likely see a message such as the one below. If you do not see this message or one similar, the issue is likely to be unrelated and we recommend you contact HSBC’s epayments support line to resolve the issue.

 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
 error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
 More details here: http://curl.haxx.se/docs/sslcerts.html

 curl performs SSL certificate verification by default, using a "bundle"
  of Certificate Authority (CA) public keys (CA certs). The default
  bundle is named curl-ca-bundle.crt; you can specify an alternate file
  using the --cacert option.
 If this HTTPS server uses a certificate signed by a CA represented in
  the bundle, the certificate verification probably failed due to a
  problem with the certificate (it might be expired, or the name might
  not match the domain name in the URL).
 If you'd like to turn off curl's verification of the certificate, use
  the -k (or --insecure) option.

Step 2 – Update the CA bundle on your server

Obviously it is possible to remove the verification of the SSL certificate, but this is heavily not recommended due to potential negative security implications. To update the CA bundle file from the curl website, use the following commands. Note that may have to adjust to certs path mentioned to conform to the distribution and configuration of your operating system. Also, it is recommend to back up any existing ca-bundle file and any related configuration.

 cd /etc/pki/tls/certs/
 wget http://curl.haxx.se/ca/cacert.pem
 mv cacert.pem ca-bundle.crt

The file available from the CURL site shown above is generated weekly from the latest Mozilla certs, so should be reasonably up to date with all existing certificate authorities.

Step 3 – Test the CA bundle update has resolved the issue

This is merely a case of rerunning the curl command from step 1 mentioned previously. If the update has been successful you should now see the following response from HSBC (or similar) indicating a secure connection has been established.

 <?xml version="1.0" encoding="UTF-8"?>
 <EngineDocList>
  <EngineDoc>
   <MessageList>
    <MaxSev DataType="S32">6</MaxSev>
    <Message>
     <AdvisedAction DataType="S32">16</AdvisedAction>
     <Audience DataType="String">Merchant</Audience>
     <Component DataType="String">CcxXmlInput.A</Component>
     <ContextId DataType="String">CcxXmlInput</ContextId>
     <DataState DataType="S32">1</DataState>
     <FileLine DataType="S32">793</FileLine>
     <FileName DataType="String">CcxXmlInstance.cpp</FileName>
     <FileTime DataType="String">13:30:24Jul 14 2009</FileTime>
     <ResourceId DataType="S32">8</ResourceId>
     <Sev DataType="S32">6</Sev>
     <Text DataType="String">The HTTP method received is not valid.  Only POST is accepted.</Text>
    </Message>
   </MessageList>
  </EngineDoc>
 </EngineDocList>

Step 4 – Restart any dependant services

This step may or may not be required depending on your software and/or configuration. You may need to restart any services which are dependent on the updated CA bundle.

For example, the following commands are commonly used to restart the Apache 2 webserver.

/etc/init.d/apache2 restart

/etc/init.d/apache restart

/etc/init.d/httpd restart

I hope this article aids any server administrators currently experiencing issues due to the recent HSBC epayments SSL certificate update.

Feel free to discuss this issue further in the comments section below.

Google have paid special attention today to users of Google Chrome who have difficulties keeping up with their web browser’s general speed. To aid in this they have released a finger exercise program dubbed the ‘Chromercise’ routine. They have released a instructional video to demonstrate the required exercise structure and all relevant safety precautions requires to perform Chromercise exercises prior to the user of the Chrome web browser.

Although we are not offering dedicated Chromercise instruction here at Rapid Web, we are beginning to enforce these as part of our regular health and safety routine. If you would like further advice on these procedures, please see the relevant Chromercise documentation.

It’s April Fools’ day today. It has come around quickly and I remember writing last year’s April Fools’ post regarding the crazy things large web companies has done.

In other completely unrelated news, Google have released a new motion control system, akin to the Wii’s controllers, Xbox connect and the PlayStation Move system. It is called ‘Google Motion’ and as per the majority of new Google products, it is currently considered beta. Take a look at the awesome video demonstrating Google Motion beta and its advanced universal gesture recognition system below.

Looks very impressive. We’ve already started making use of the new system for our internal development meetings. It both increases productivity and also gives us all a decent workout.

If you have any awesome April Fools’ jokes you’ve played this year on your website or in your workplace, feel free to put them in the comments. I’d be interested to hear what pranks have been played!

In terms of today’s customer service, as always, feel free to contact us. If you’d like to get yourself in on the April Fools’ day jokes and give your website an unexpected face-lift, feel free to give us a call.