Over the past week, I have been working very closely with the technology office to deploy Polaris. To my surprise, my first week’s work has turned out to be very challenging. I have encountered numerous problems with both the server and Polaris itself. In this blog post, I will be discussing some of these problems as well as the lessons I learned from them.
When speaking about deploying an application, you might ask: “Couldn’t it be as simple as copying and pasting the sources files from one machine to another?” The answer is “yes,” but only if it is done correctly. I have learned this the hard way.
Normally, a programmer would set up the development environment based on the deployment environment. The benefit is that when the time has come to deploy, the programmer only needs to, just as I mentioned previously, migrate all the files from the development environment to the deployment environment. Because the two environment are virtually copies of each other, there should not be any conflicts. Unfortunately, I was not aware of the specifications of the deployment server at the time when I started developing Polaris. Thankfully, with the help of T. Carl Beehler from the technology office, I was able to configure a deployment environment similar to my development environment.
Although I was able to match the correct versions of Apache server and the programming languages used in Polaris, I was not able to match the version of MySQL (database). Interestingly, the problem did not reveal itself until I attempted to load a webpage that requires MySQL to pull data from two tables. When the MySQL query (request that pulls data from a database) failed, or rather returned with an empty set of data, Polaris simply displayed a blank webpage, which made it extremely difficult to debug. Because I was already aware of the interoperability issues between different versions of MySQL, I ran a test query and found out when the two tables are “inner-joined”, no data was returned because it required data to satisfy the conditions of both table 1 and table 2. With a few tweaks to the code, I fixed this issue by switching to the “left-join” method which only requires the data to satisfy the condition of table 1.
One of the most understated features of Polaris is its support of SSL/TLS (Secure Socket Layer/Transport Layer Security). With the latest TLS 1.2 protocol, data sent between users and Polaris’ server is always encrypted. Essentially, the protocol establishes a secure connection between the browser and the server by encrypting and decrypting data using a shared secret and cryptographic algorithm. While TLS-secured websites are ubiquitous, deploying SSL/TLS is a rather laborious task.
First, I need to find a reliable Certificate Authority (CA), a third-party that issues digital certificates which are used to initialize secure connection. I initially used StartCom as the CA for Polaris. The main reason StartCom was chosen was that it was free. While I did succeed in creating a certificate from StartCom, all the browsers I tested Polaris with unanimously rejected the certificate. To resolve the issue, I immediately revoked the certificate and repeated the deployment process as described in StartCom’s documentation. However, the certificate failed again with all the browsers reporting the same error message-“Certificate is not trusted”. Baffled, I repeated the process again and again. It took me a few more tries to find out that it was indeed the CA’s issue. What happened was that StartCom has been recently acquired by another CA which was listed as “untrusted” by all of the major browser. Consequently, StartCom was added to the “untrusted CAs” list after the acquisition.
Through this experience, I have learned to trust myself. It has also become very clear to me that self-confidence is an important aspect in the field of computer science.
Thanks for reading my blog. See you next week!
If you want to learn more about SSL/TLS, this video does a amazing job illustrating idea.
Infographic Paradise. “Rocket Launch – Motion Design.” Dribbble, 6 Dec. 2016, dribbble.com/shots/3138869-Rocket-launch-motion-design. Accessed 1 Feb. 2017.
“Interlocking Puzzle Pieces Fit Together.” Ministry Insights, http://www.ministryinsights.com/interlocking-pieces/. Accessed 2 Feb. 2017.
MacEntee, Sean. “HTTPS icon.” Wikimedia, commons.wikimedia.org/wiki/File:HTTPS_icon.png. Accessed 1 Feb. 2017.