Roland Häder pinned item friendica

Cunnilingus and Fellatio, a dying "specicies"?

According to a statistics done by German # only 51% of all German males are into giving oral sex (# for straight and # for gay/bisexual accumulated) while 56% are into receiving (# ) it. While for females it is even a little lesser, 48% are into receiving it while 45% are into giving it. As it seems, also lesbians are counted in here, but are a minor compared to straight females.

The actual graphs and tables can be found here: So far I can tell that there is no "disgusting" or "unhealthy" thing on giving Cunnilingus (in English, licking # ) simply because I have done it a lot on many different women and so far no tongue or throat # has happened to me. :-p And yes, beside that, there is no "fish shop" down there for me. :-)

I like to ask the whole # about this matter. Is that true with you? Disclaimer: Do not come up with some religious-nonsense or other hatred/disapproving/other nonsense here. I'm asking for a Yes or a No and if so, please more details (being passive/active).

Roland Häder pinned item friendica

Any listening group/forum out there?

I wonder if there is any !listening group/forum out there? Because the old one seems to be closed down. Please re-share if you don't know!

New SSL CSR doesn't want to validate with local CA file

I have created a new certificate for another sub domain. But now it got stuck with a typcial error message:
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'DE'
stateOrProvinceName :ASN.1 12:'Northrhine-Westphalia'
organizationName :ASN.1 12:'Roland Haeder'
organizationalUnitName:ASN.1 12:'private'
commonName :ASN.1 12:'some.bla.domain'
emailAddress :IA5STRING:'webmaster@shipsimu.de'
The stateOrProvinceName field needed to be the same in the
CA certificate (Northrhine-Westphalia) and the request (Northrhine-Westphalia)

Well, it looks like the same, right? But it is not, use openssl asn1parse </etc/ssl/your/certs/ca.pem to examine your CA file. Then do the same with the CSR file. And you might see the difference: UTF8STRING and PRINTABLESTRING was here the case.

Well, here you have it. Now go to your openssl-ca.cnf file and fix string_mask to utf8only (or otherwise your certificate's configuration file). I'm currently testing UTF-8 in SSL certificates with my server.

Let's Encrypt!

I have now installed a better #SSL certificate issued by #LetsEncrypt and with the help of this #python script: https://github.com/diafygi/acme-tiny

Plus I have used a largely expanded #shell script:

But now my SSL sites got rated with B by #SSLLabs because of an incomplete chain. I think I need to download the CA certificate and attach it at mine?

I also have (not yet reloaded) added DH parameters (DH = Diffie-Hellmann?) to my certificate parameters, I have read it will improve some security.
Yes, that was the case. I needed to include the certificate in my file.
Later posts Earlier posts