Sunday 14 November 2010

Ipad update and more problems with mail and SSL.

Well, I know a few people did not like how negative the last entry was, however I do not really think that anyone really disagrees!

The fact is, I love using the Ipad, and it is great for viewing PDFs/Ebooks, browsing the internet and emails - Which I did a lot on Friday/Saturday (and it was a joy to use), but after that, it is just a big Ipod/Iphone and I can not really see any "extra" benefits, if anyone wants to prove me wrong or say why you like it so much, please feel free.

Anyway, now a little update about the email problem.... and a bit more technical.

My setup here is basically a bog standard mail server that uses the standard SMTP, POP3 and IMAP ports, in addition, I have port 26 for Secure SMTP and 144 for Secure IMAP.... This is in addition to ports 465 for secure SMTP and 993 for Secure IMAP which the Ipad uses as default.

The reasons for alternate secure ports is simply down to the fact a few clients had problems connecting through some ISPs that blocked. It is not really the point, AFAIK, this should not affect anything as you can configure the ports on the Ipad.

The SSL / secure ports are set in the mail server using a self signed certificate with no chain. The mail server itself was the root of this certificate. In addition, this certificate is installed on any client machines that allows it, this includes a mix of Windows, Linux and Mac machines, as well as Iphones, Blackberrys, Nokias and a bunch of other devices. Apart from one Mac machine about a week ago, there has never been any problems connecting to the server.

Now comes the tricky bit!

I found the Iphone configuration utility (Works for Ipods and Ipads!). It is a brilliant tool that allows you to see a console log of the device


I used wireshark to try and understand what is going on at a deeper level. It seems that the Ipad tries to do some "funky" stuff and if the server either does not allow SSL or has a standard certificate, there is no problem. If however you have a self signed/single chain certificate, it fails.

I tried installing the certificate, it installs without problem, but the mail just doesn't seem to work.

Next, I always wanted to have a proper signed root certificate that I can sign other certificates against - for a brief time I used the Microsoft solution but that was a while ago. I just wanted a very small easy solution, so I used OpenSSL.

I created my root certificate, distributed it to all client devices, and created a new certiicate for the mail server (with the new root in the chain). When I applied the root certificate, it worked!

In this time, I also created a new SSL certificate for my intranet, website and a few other things.

I did this on Thursday night, and I was so happy - not only did I finally have my own root certificate configured, I got mail on my Ipad!!! Everything was fast and good - it worked just as you would expect.

When I went to a business event on Friday/Saturday, everything was perfect, (even connected well to my Microsoft VPN Server). I was using the web browser and mail the entire time and I cannot say how much I enjoyed it (which being from Apple, I am ashamed to say!).

Coming home, I was feeling a little tired so stopped at a service station for a little rest (and a quick email check!) - This time it was a public WIFI point. Again, after getting a little confused by the BT Opezone sign on system (I don't like the way Ipad opens up the page, and if you cancel, it disconnects... I found it a little weird, but I want to investigate it later), it worked fine.

Then I got home yesterday and the real fun begun. Over the trip, I must of connected to about 9 wifi points that I will never use again. One of my hates over all IOS devices is that there is no option to delete old WIFI points, so I chose the "Reset Network Settings" option... BIG MISTAKE.

(Additional Problem here, but one I can live with - even if you have a profile set that includes a WIFI SSID and code, it will keep the profile "installed" but will wipe the code - you need to retype. I can see this being a problem in enterprises as unless you have a 3G device, or reconnect it (via wire) to the configuration utility you will have to manually type it.)

Now comes the big problem - for some unknown reason, since then, MY MAIL STOPPED WORKING AGAIN.

The log shows:


I have tried everything I can imagine, deleting and reapplying the email account and the root certificate have not helped at all.

But, things get even worse now - I performed the same "reset network settings" option to the Ipod Touch here, and now it as well can no longer connect to the mail server (either unencrypted or encrypted).

In addition to this, it just appears that the root certificate does not get applied correctly - It is too hard to explain/show via Mail, so using Safari, I can show the following pictures.

Picture speak a thousand words, so here is something that I hope may help someone to help me...

Visiting an Intranet site with the Root certificate installed, or removed produces this:


Clicking details with the root installed: - Note the "Not Trusted".


Clicking on "Details" with the root removed :


Profile showing that the root is installed:



Using Safari and browsing to the certificate with the root installed (notice that it is trusted):


Using Safari and browsing to the certificate with the root removed:



Please note that even if I specifically install the certificate, it still does not work - this is not relevant as installing the root is all that should be necessary.

The last two are exactly as I expect it should work, I just can't explain the second picture - It knows the root, but isn't verifying.

This time, I have no idea. Because of all my previous problems, I can only conclude that SSL on the Ipad (and possibly other IOS devices) simply does not work as it should.

Oh - and, final note, Apple support are completely and utterly useless... their solution - "You can set up a Gmail account and forward your emails there"... When I tried to ask about SSL in particular, they put me on hold whilst they check... After the call was on for about 10 minutes, they hung up. Next call, I spoke to an idiot. Apple really do not make it easy for someone to try to like them...

I have tried reporting this, ask for help/feedback, but I am just getting no where. If anyone wants an email account on one of my servers, the public root certificate, a link to an SSL site protected by the root, or anything - I am happy to help if you think you can help!

Wednesday 10 November 2010

My Ipad two day review

Well, I recently won an Ipad from a competition at a London Trade show after setting up a Coraid SAN in 10.6 seconds!

Well, what can I say... I hate Apple, but this is a bloody nice device! - I can't honestly say I think it is worth its price or would I have paid for it, but I do like it.

From the moment I first lifted it out the box, I thought it was a lot heavier than it looks. Having only previously seen pictures or other people with them, this caught me off guard!

I think after using Microsoft Surface for a few days a while ago, it is amazing to use Google Maps and manipulate a map in your hands! ... (Hey, have to mention MS somewhere!...), When I first saw MS Surface, I thought it was amazing - and has many benefits not in any other product, but it just is not being brought to mass market (Price, Size etc.), so I am happy to see some of this technology go mainstream, even if it is Apple with the Ipod Touch, Iphone or Ipad.

In addition to the above, With the release of Microsoft Kinect, I do wonder if surface will hit a dead end or merge in to something else.

I love the fact that I can use the majority of Iphone applications on it - it is a really nice feature.

Whilst messing around, in one application I rotated quite a few times, at one point I was using the device upside down without realising! It was only when I wanted to go back to the home screen I realised that the home button was at the top!

Now that I have given the positives, time for some negatives!

I will go in gently, not really a negative, but I wonder why the keyboard has the "touch/feel" positioning lines on "F" and "J", Just seems a little weird.

I would say, what I hate more than anything is that Apple have tried in most areas to go for simplicity over configuration/micro management. If they were to add just a few more features, it would make me so happy, For example (some apply to Ipod Touch/Iphone as well):

When connecting to wireless networks, it saves the connection so you can connect again later - You can only delete previous connections when you are in range of the network. From what I have read, you have the option to go in to "Settings > General > Reset > Reset Network Settings", however this just deletes them all. Would it really be so hard to have a list of previous connections?

When setting up Email accounts, you cannot configure anything advanced until after the initial setup, then you can change port numbers and more - Why can't they just have an advanced button and save you a bit of time.

Next, Consistency! This really surprises me being from a company that pretty much forces a single style on their desktop OS, but what gets on my nerves the most is how it appears to be random if you can or cannot rotate the screen to get a bigger keyboard. When turned it on for the first time, I went straight to the Maps application, it found my wireless connection and asked me to connect, but I fancied rotating, however it locked in to portrait mode and would not give me a bigger keyboard.

Going in to the Itunes Store from the device showed some weird and just bad styles. For example, I was browsing the TV episodes section and there is text that does not fit the buttons / style of the application either in portrait or landscape.

In my honest opinion, it is a lot better on the Ipad than on the Iphone/Ipod touch, however it can still catch me by surprise and I wish it was universal. There are a few other things I can mention on this, but I would rather wait until I have played a little longer.

The initial setup wasn't perfect - The first time I plugged it in, It started by saying that I previously plugged in this device and would I like to restore an image from an Ipod Touch (Before you say - did he purchase something from Apple - NO! It was my brothers before he got an Iphone!). I have no idea what would of happened if I continued. After this, Why on earth do Apple need so much information to set up a device... And I made a little image of what I think of the EULA (below).


When I finished this and it was time to actually sync, I thought I only had a few Gigs of data to transfer, however I didn't realise that it would copy across 16GB (well, 14GB according to Apple, I won't go in to that!) - so I can let it off the 4+ hours it took - However, it is still a lot of time with just a crappy little bar. Would it be too hard to give a bit of technical data that says xx/xxGB, or time remaining etc.

Getting deeper in to Itunes!... What can I say... Well, it isn't as bad as I thought it was. I have to do a lot of tweaking, disable update service, make sure it doesn't start with the computer etc. however, when actually in it, I like how it "brings things together", I am addicted to Itunes U, and podcasts.

Praises aside, I hate the music player/organiser, I think it would be so much better if it just supported the ability to sync music folders over - like you can with pictures.

I hate how slow Itunes in general is. When I want to the Itunes store, I hate the wait after clicking on something to download then having to wait after clicking the back button. I can understand multi tabs not being user friendly, but I would just love for something to be improved here.

When browsing a device, the applications section (Granted I have quite a few) is pretty slow, on the verge of unusable.

Next, again, I do have a lot of applications, but when going to the left most of the home screen to the search feature, it hangs for a few seconds after typing the first letter. I am surprised the device does not have better indexing/searching.

Camera - Ok, I can see that it doesn't really go, and I can understand why Apple left it out, but still, it would be nice for just a basic low res camera in the back or something like cheaper tablets have.... I have seen many Ipod AR applications and I think this could of been amazing on a bigger screen.

GPS - Again, the big screen seems to go to waste... I know the Ipad isn't a GPS device, but I still think that when paying all that money, it isn't a lot to ask for when the cost of GPS modules is insignificant and what it can add to the device.

Basic tools - Stop Watch, Timer, Alarms, Calculator etc. Do Apple just hope/think everyone has an Iphone? Even if they did, would it of killed them to add these applications? It would be nice to have a full graphing calculator, but I just think it is a shame not to even have a basic one. I don't want to purchase applications that do these features, or want a free one that has adverts all over it. I just think it is a real shame that these are not included by default.

Syncing (again) - Apple has so many technologies it loads up with Itunes (some good, some not so) - I just can't believe that they haven't got full syncing over wifi - I am guessing that this is simply because of them thinking it will take ages for large apps or movies etc, however, that is where having a descent progress bar that can tell you where you are can help! Right now, when I sync, and if it performs an automatic backup, I don't know if it is going to be a two minute job or over half an hour... annoying.

Video saving. - Just during my messing around, I wanted to try that Talking Tom application that I have heard. so much about... I love it! I recorded a video and sent it via email, however I then went in to saved messages to try and save a copy / spy on how the Ipad handles attachments, and I tried to click on it then the download, but it just did nothing. I am unsure if this is related to my next problem... the big one...

Email... No matter what I do, I cannot get this to work. If you want to know the real technical details, I have said everything on the Apple Stack Exchange Site and the Apple Support Forums - to this moment, I have not had a response. In addition, there is a bug that prevents the deletion of SMTP servers with the same name as the main account. Renaming first allows you to delete fine.

Without going in to too many details, I have a semi-advanced setup - A self signed root certificate and Imap/SMTP on non standard ports. No matter what I try, I just can't receive emails. I am sure this is a bug as I have no problem on any other device - my Ipod touch or my brothers Iphone - or for a lot of my clients with I that I host for (although, I don't know if anyone else uses an Ipad).

I have to say, this is a big one and something that annoys me the most, if it doesn't get resolved, I will be mad.

I just wanted to say, I thought that the Ipod Touch (I think second generation) was amazing for it's size, but still quite big. After using the Ipad, when I pick up the Ipod, it feels amazing just how small the thing is, the screen feels absoloutely squished and minute!

It is as if my mind has reversed the order they came out in - Rather than thinking of the Ipad as a big Ipod/Iphone, It just seems like the Ipod/Iphone is a small Ipad! As someone who likes to get inside electricals, I do wonder why the Ipad is as big as it is - if it is not more powerful than an Iphone 4g - (with the exception of a bigger screen), why is it so much bigger/heavier, unless it is all battery back there? I may be wrong here, I welcome comments!

Well, I think that is about it for this one! I hope this has been a good read. I won't lie and I said it before, I am pretty much an Apple (company) hater, but I can appreciate good hardware from whatever company it comes from. If I had a Ferrari, I could probably find flaws with a floor mat - these are just my oppinions from using the device for a few days.