Security is now a central concern for technical people and I would argue for most consumers. It is now typical for criminals to target banks, hospitals, and other critical institutions. Privacy is also an issue that is central to a free and progressive society. One solution that gets thrown out is SSL encryption for websites and how we all now need to secure our sites with an SSL certificate. Due to the market though, SSL certificates are one of those things that companies have a hard time making money off of. Most people do not buy SSL certificates, so you wind up with a market that sells bare bones SSL certificates that range around $25 and extended validation certificates for large ecommerce websites that cost thousands of dollars. This is where Let’s Encrypt changes things. Their certificates are free and are recognized by the web browser as a valid secure certificate. This makes SSL encryption a zero cost option for millions of individual webmasters who run websites like WebKeyDesign. There is one other difference with Let’s Encrypt certificates: they are limited to 3 month intervals instead of yearly intervals. However what makes Let’s Encrypt more appealing to webmasters is that the software makes renewals automatic and there is now software integration with cPanel and Virtualmin control panels.
My personal project is a virtual machine that I keep for journal purposes. It allows me the ability to write some thoughts and archive information for later viewing. The virtual machine runs CentOS 7 Linux and can be controlled using Virtualmin. The SSL certificate that was originally setup was self-signed and so I would have to manually add the certificate to iOS, MacOS, and make exceptions in browsers in order to use the website.
Since writing this, a few things have changed. Let’s Encrypt now requires version 2 of their protocol and old clients are no longer supported. Virtualmin needs to be updated to support the new client. You can read more about the issue on this Virtualmin Forum post. To have this work, on Centos 7, do the following first and then it should work.
yum install certbot
I followed TechJourney’s excellent guide: How to Use Let’s Encrypt SSL Certificate Automatically in Virtualmin & Webmin. There were a couple of issues I found out along the way.
The tutorial did not specify the path to the client command. For CentOS, I found this to be:
This may not be needed. I was able to let Virtualmin automatically find the new client.
Let’s Encrypt SSL for Webmin Login
A secondary problem that I ran into had to do with the separate subdomains. The Apache webserver will respond on your typical www.mydomain.net and mydomain.net, however the Webmin control panel is accessible by another prefix to mydomain.net. Under Virtualmin – Server Configuration – Manage SSL Certificate, the default will be Domains associated with this server. This setting will only pull in the domains that Apache is setup for. If you want to use the Let’s Encrypt SSL Certificate for other subdomains, you have to select Domain names listed here and manually type all your subdomains. You can then under the Current Certificate tab use the Copy to options and use the same certificate for Webmin, Usermin, etc.
If you went ahead and hit the Request Certificate button and then try to add domains, the process will error out. There is no way to reset the certificates from the Virtualmin interface. To resolve the problem, use secure shell and remove the letsencryt directory.
rm -rf /etc/letsencrypt
This allowed me to use the Request Certificate option again and have all my subdomains added to the certificate.
For this review, I will discuss my experience with a different type of external SSD drive. The Mushkin Enhanced Atlas FLUX USB 3.0 mSATA III SSD Enclosure Kit (AT-ENCKIT) is about the size of Zippo lighter and weighs 2.4 ounces (not including the mSATA drive that you need to purchase separately). Most people would probably prefer a regular USB Flash type drive than this type of solution. The Atlas costs about $20 and then the needed mSATA drive that fits inside can vary from $35 and up. The primary reason I purchased the Atlas, is due to the fact that I had an mSATA drive that I could not utilize for my latest laptop project. The Intel 310 Series 80GB mSATA Solid State Drive SSDMAEMC080G2C1 is an older drive that I purchased on Amazon and which I installed in the Atlas Flux enclosure.
Mushkin Enhanced Atlas FLUX USB 3.0 mSATA III SSD Enclosure Kit (AT-ENCKIT)
- Controller: AS Media 1053E USB 3.0 Controller
- Attachment: USB Attached SCSI Protocol support
- Casing: Durable aluminum casing
- Supported Drives: Supports 50mm and 25mm mSATA drives
- USB Compatible: USB 2.0 and USB 3.0 Compatible
- Transfer Speeds: Supports SATA 1.5 Gb/s
- Plug and Play (PnP) with 3Gb/s and 6Gb/s SSDs
Intel 310 Series 80GB mSATA Solid State Drive (SSDMAEMC080G2C1)
- Capacity 80GB
- Sequential Read – Up to 200 MB/s
- Sequential Write – Up to 70 MB/s
- SATA 3.0 3Gb/S
- Intel Product Page
The installation is quite simple. Mushkin includes a tiny screwdriver, however I recommend using a higher quality Philips #00 screwdriver. I have big hands and it is easier to use a regular full size screwdriver when removing tiny screws as this. Once you remove the panel, the board inside should slide out, and you should now be able to carefully install your mSATA drive. You slide the mSATA drive at a slight angle and then push it down. A snap on clip then holds the drive in place, similar to memory DIMM slots in a laptop. Finally screw back on the panel and you are done.
On Windows 7
I tested the Atlas Flux with my Dell Latitude e5430 laptop. This laptop has three kinds of ports that this drive can connect to. There is a USB 2 port, a USB 3 port, and an eSATAp port (also referred to as an eSATA/USB combo port). The operating system is Windows 7 64-bit. The main issue I had with the drive is that it is not really hot-swappable. Plugging it in the first time, the drive will appear and you are able to format it. But if you unplug the drive and then plug it back in, it will not appear in Windows again. You can restart Windows and then the drive will appear again. The problem was worse on the eSATAp port. The drive would remount over and over on this port. To fix this issue, with the drive visible in Windows, Go to the Start Menu and type DEVICE MANAGER and click on Device Manager in the results. Under Device Manager, under Disk Drives, find the drive and double-click on it. Now click on Policies and select Better Performance and click OK. The Atlas Flux cannot utilize the Quick Removal feature. This means that you must Eject the drive via the systray USB icon or by right-clicking on it and choosing Eject. The drive will now be stable and you may use it without restarting Windows. (more…)
In the previous Setup for Dell Latitude E5430 post, we did most of the legwork to create a boot ready flash drive with all the needed add-on software needed to create a clean image of Windows 7 Pro 64-bit. We now shutdown our machine and insert the flash drive into one of the USB ports on the laptop. If you are using the RecoveryTools 4, the Windows installation will be mostly automated. If you are not using Recovery Tools 4, then you will need to install Windows normally. I will cover both methods.
WINDOWS 7 Begins…
The computer will come up to a text only screen asking you to start from the Windows EMS option. Then a Windows screen will appear asking you to choose a language. The next dialog will ask you to choose which version of Windows 7 you want to install. The choice is Windows 7 Professional. At this point if you are using Recovery Tools 4, the process is automated and you will need to wait for Windows to install itself. If you are not using Recovery Tools, then this is a normal Windows 7 installation and you should install Windows normally and skip to the next section.
The machine will reboot and come up in Windows Audit Mode. The Sysprep dialog box will appear on the screen. Always close this box by using the X in the upper right corner of the dialog. You will need to do this every time you restart the machine. Do not click any options in the Sysprep dialog.
My recent project was the setup for a refurbished Dell Latitude laptop that I purchased online. Latitudes are business oriented laptops that Dell sells and leases to a variety of business customers. Many large enterprise level companies lease their machines and return them to Dell periodically as they upgrade to newer hardware. This means that a few times throughout the year Dell amasses a stock pile of old machines that they then rebuild and sell at significant discount prices. Even better, if you browse discount sites such as DealNews and TechBargains they will detail how to get a discount on top the already low refurbished price. Dell has these discounted sales periodically, at the beginning of the year in January or in the middle of the Summer, such as July. If you are going to buy a refurbished laptop, there are some risks. These laptops are not brand new, they have seen some usage, and so if you want a perfect looking laptop you are not going to find one. Your best bet is a Grade A model, which will be priced a little higher. The other factor is that these machines only come with a very short warranty. Three months or one hundred days type warranty will apply. You can purchase an extended warranty from the Dell Refurbish site at the time of purchase, but note that you will be adding to the total price of the machine. You will want to consider this extended warranty price and what it is worth to you personally. In my case, this was a secondary machine that I am not going to worry too much about, so no extended warranty for me. These are older model machines as well and not the latest and greatest technology. Business laptops are not gaming machines either, so if your main emphasis is gaming, consider looking for an Alienware type models instead of Latitudes. Overall my best advice is to wait for the discount from the DealNews.com and then shop for something that you will like and that will cost you about forty-five percent of a new laptop. Once you get higher than fifty percent, I usually think you might as well save up for a new machine that you really want. Given all this, lets get started on setting up the laptop.
Out Of the Box
Dell took about three to four business days to ship the laptop. The machine is serviced by a third party company named Genco. The machine was packaged well and was very clean. The only accessories were the Dell power adaptor and a printed explanation of the standard warranty for a refurbished machine. Below are the specs for the laptop:
Dell Latitude E5430 Laptop (non-Vpro model)
- 2.7GHz CPU
- 4GB RAM
- 1600×900 HD display
- 320GB Western Digital Hard Drive
There were two types of e5430 models, there is an Intel-Vpro model and then there is the non-Vpro model. This one is the latter. The hard drive inside the laptop was a Western Digital mechanical hard drive and it was dated July 19th, 2013. The laptop like the hard drive is from the the same year as well, in other words I bought a three year old laptop.
The installed operating system is Windows 7 Professional (32-bit). There were no installation disks for Windows included, as the hard drive includes a recovery image.
There is nothing wrong with the laptop at this point and it is perfectly usable out of the box. However, I love hardware upgrades and so I couldn’t help myself from adding some things. The best possible upgrade is an SSD hard drive. SSD drives are now much more affordable, and so you can take your pick from a variety of SSD drives out on the market right now. My personal preference is Crucial/Micron and Samsung, but I have purchased other brands such as PNY if they were at a good price. For this project I did purchase the Crucial MX300 750GB – CT750MX300SSD1. I did consider the 525GB model as well, but unfortunately it was out of stock at the time. This SSD drive is a 7mm height drive and a spacer is included so that it fits as a 9.5mm drive. I did utilize the spacer when I switched out the drives.
Next was the memory. In current terms 4GB is not nearly adequate, so I opted for maxing out the memory. Most people might consider upgrading to 8GB memory (2 x 4GB DDR3 modules), since this is a very cheap upgrade to make. The e5430 does in fact support 2 x 8GB modules, for a total of 16GB memory! The easy way to purchase memory for this machine is to visit Crucial and buy direct from them. They will guarantee that the memory will work and are only slightly more expensive than buying from online stores like Newegg.com.
Both the hard drive swap and the memory upgrades are very easy to do. You will need a philips #0 screwdriver and for the lower memory module, I found a plastic spudger handy for pushing down the memory SIMM into place.
Note before doing any hardware upgrades, consider downloading all the required software in the following Software Installation section first if you do not have another Windows machine that you can use to download stated software. Look through Device Manager in Windows and note the type of hardware you have, such as the Network Card, Wi-fi Card, etc. My particular laptop did not have a finger print sensor or Bluetooth. In the Software Installation part we will need to download multiple software, so it is best to use a second machine or read this entire post before doing any software steps.
WARNING! I take no responsibility for any use of software or any losses of software or hardware functions. If you do not know how to use DISKPART or any other tool in this post, then perhaps this project is not for you.
Part 1: Win7_Pro_SP1_English_COEM_x64.iso
Now that we have our e5430 laptop upgraded, the big problem is Windows. The image on the original hard drive is Windows 7 Pro 32-bit and not 64-bit. Even if I took the original software image from the drive, it would not recognize my new memory. My goal is to setup this laptop with Windows 7 Pro, the 64-bit version. The machine fully supports 64-bit Windows, so the problem is just the media. The laptop has an OEM license for Windows 7, and so I do not need to purchase Windows 7 Pro 64-bit, I just need to get the installation media.
Here is where nothing is ever easy. Windows 7 ISO images are no longer easily attainable directly on the Internet. There is a long story about this, but I will skip that and simply state that from a Windows machine with IE 11, you can do the following:
First go to Heidoc.net and learn about what you will want to download. In this case a Windows 7 64-bit OEM ISO image. Next download and run his Microsoft Windows Download Tool. This will allow you to download a clean ISO image of Windows 7 64-bit, the exact file name being: Win7_Pro_SP1_English_COEM_x64.iso
Part 2: Flash Drive Setup
Once downloaded, you will need an 8GB or 16GB USB Flash Drive. This will be used as the installation source.
Insert the flash drive and note what drive letter it shows as.
Type CMD in the StartMenu Search and right-click and choose Run as administrator. Use DISKPART to setup the flash drive. Note that for the SELECT DISK command you will need to substitute # for the exact number that the flash drive comes up. Choose wisely, if you are not careful you may destroy your other disks on that computer!
SELECT DISK #
CREATE PARTITION PRIMARY
SELECT PARTION 1
FORMAT QUICK FS=FAT32
With the flash drive setup, the next step is to copy the ISO onto the flash drive. There are multiple ways of doing this. For this step I placed the ISO file in its own folder and then used WinRAR to extract the contents. I then copy and paste into the flash drive root directory.
The Latitude e5430 supports UEFI, which is the replacement for the old BIOS system that most computers have used for multiple decades. We want to take advantage of EFI booting later, so we need to have the flash drive boot with EFI. This requires a different boot file to be in a specific location on the flash drive. The ISO does not have this as default for Windows 7.
From a Windows 64-bit machine that you are already using, there should already be the file file you need.
Look for bootmgfw.efi under C:\Windows\Boot\EFI and copy it to the flash drive here:
The file then must be renamed from bootmgfw.efi to BOOTX64.EFI in order to work.
You now have a flash drive that you can boot from in EFI mode.
If you need further details on the flash drive steps see Creating Windows UEFI Boot-Stick in Windows.
More helpful links:
Part 3: Windows Setup With Factory Recovery Partition
What I do like about OEM computers is that they come setup with a hidden partition to reimage your machine in case you want to reset Windows back to a zero ground state. However what everyone does not like about this: is that the OEM image is usually filled with crapware that no one wants and it is not a clean setup of Windows. But how about if you could setup your own? In this section we will cover how to do this. If this is too complicated feel free to skip to the next section.
RecoveryTools 4 uses Microsoft tools to setup an OEM image and recovery tools for a new install of Windows. This software is free, but it is complicated process if you are not coherent with software setups.
- Download RecoveryTools 4.05
- Place the self extracting file into a separate folder and doule-click on it.
- Download the the Windows Automated Installation Kit (AIK) for Windows 7
- Place the AIK ISO file in its own folder and then use WinRAR to extract the files to the same directory
- Next install the AIK Tools
With the AIK Tools installed, we follow the directions from RecoveryTools for Windows 7. From the Windows 7 AIK, you will need the following files:
- IMAGEX.EXE (32 and 64 bits version)
- OSCDIMG.EXE (32 bits version)
If you installed AIK, these files will be located here:
- C:\Program Files\Windows AIK\Tools\amd64 (for 64-bit)
- C:\Program Files\Windows AIK\Tools\x86 (for 32-bt)
Copy IMAGEX.EXE (32 bits version) to the RecoveryTools 4 folder path:
- \Windows 7\Windows 7 Recovery Tools\ImageX\32bits
Copy IMAGEX.EXE (64 bits version) to the RecoveryTools 4 folder path:
- \Windows 7\Windows 7 Recovery Tools\ImageX\64bits
Copy OSCDIMG.EXE (32 bits version) to the RecoveryTools 4 folder path:
- \Windows 7\Windows 7 Recovery Tools\OscdImg
Next we want to copy the entire RecoveryTools 4 folder to the root of the flash drive we setup earlier. There are two more files we need.
Under RecoveryTools 4\Windows 7\AutoUnattend\GPT\ there is an AutoUnattend.xml file, copy this to the root of the Flash Drive.
Under RecoveryTools 4\Add-On\ there is an Ei.Cfg file. This file must replace the current file that is under the SOURCES folder on the root of the Flash Drive.
Part 4: Add-ons for Flash Drive
In order to save time, it is best to go ahead and create a DELL folder on the flash drive and add some more add-ons that you will need later on. I will cover these under the Updating Windows section. For now here is the list of recommended installers:
Dell Specific Updates for a Latitude e5430 Laptop:
- Intel Chipset Drivers: Chipset_Driver_CPNKY_WN32_188.8.131.529_A00
- Intel Management Engine 9: Chipset_Driver_GJVHD_WN_184.108.40.2060_A02
- Intel USB 3: Chipset_Driver_THK45_WN_220.127.116.11_A05
- Intel 4000 Graphics Driver: Video_Driver_DCG08_WN32_10.18.10.4425_A18
- HD Audio: 3330_Audio_Driver_C6HVR_WN_1.0.6491.0_A08
- Ethernet Network Card: Broadcom 57xx Network_Driver_PGHX7_WN32_17.0.2_A00 (maybe different depending on your machine)
- Wireless Network Card: Dell 1530 Network_Driver_5RHDN_WN_18.104.22.168_A02 (maybe different depending on your machine)
- Conexant D330 Modem: CONEXANT_D330-HDA-MDC_JF0K3_A01_SETUP_ZPE, CONEXANT_MULTI-DEVICE_A03_R207060
- Memory Card Reader: Chipset_Driver_D7TG2_WN_3.0.07.44_A04
- Freefall Sensor: Chipset_Driver_V6681_WN_4.10.0046_A06
- Dell Multi-touch Touchpad: Input_Driver_YXX3D_WN32_10.1207.101.109_A03
One more installer will be needed. We are going to install a specific version of Intel Rapid Technology drivers. These are not on the Dell site. The reason for this is that this specific set of drivers work best for this laptop. These are the Intel Rapid Technology E Drivers version 22.214.171.1240. To read more about this topic you can read this Win-Raid.com post. You can download the drivers from Intel or from Win-Raid.com: Intel RSTe Drivers.
Part 5: F2 & BIOS Setup
Take note of what version of Dell BIOS your machine has. If it is not the latest, I recommend you download the latest BIOS (in my case the non-vPro version) and upgrade your BIOS first before continuing.
At this point we have gathered all our software on our flash drive and are ready to almost install Windows 7. We must however make some changes to the e5430’s Setup.
- Restart the laptop and press F2 to enter the BIOS Setup.
- Under General – Boot Sequence: change to UEFI
- Under System Configuration – SATA Operation: change to AHCI
- Apply Changes and Exit
Part 6: Hard Drive Setup
This step is optional and only needed if you want to wipe the hard drive. It is included here, in case you need to redo the setup of Windows. To manually wipe a hard drive and convert it to GPT:
Turn off the PC, and put in the Windows installation DVD or USB key.
Boot the PC to the DVD or USB key in UEFI mode. For more info, see Boot to UEFI Mode or Legacy BIOS mode.
From inside Windows Setup, press Shift+F10 to open a command prompt window.
Open the diskpart tool:
Identify the drive to reformat:
Select the drive, and reformat it:
select disk #
Close the command prompt window.
Continue the Windows Setup installation.
We are now ready to start installing Windows! Continue reading Setup for Dell Latitude E5430 – Part 2.
Here is something that I came upon recently in regards to Windows Server 2012 and performance issues. My home server runs Windows 2012 Server Essentials and the operating system is installed onto a Samsung 830 SSD. Performance was becoming a problem of lately. There were noticeable lag in opening up drives in Windows Explorer and other slight delays that I thought were related to the SSD drive. SSD drives can become slower as they near capacity. Even if you delete a lot of large files to free up space, the trim feature still needs time to run and free up space. This means that if you have an SSD at 85% capacity and you delete files to bring it down to 50%, the SSD still has 85% allocated until the trim feature has a few hours of uninterrupted time to run.
After further investigation, I found that trying to open Control Panel – Hardware – Devices and Printers would not even display at all. Next I looked at Device Manager to see if there were any issues there. I did not see any problems with items listed in Device Manager. However after clicking on View – Show Hidden Devices, I found thousands of entries for Storage Volume Shadow Copies and the same for Storage Volumes. There were also a large number of USB devices that I had used in the past. The Windows registry stores all these previous entries and over time, never removes them. I uninstalled the old USB devices, but for the shadow copies and storage volumes, I found that this problem is most likely due to normal usage of Remote Desktop and other Windows services. To remove them manually would take a very long time.
Microsoft has a utility for this issue. Microsoft DevNodeClean can be run on Windows Server 2003 and newer operating systems. In fact, you will need to most likely run this utility weekly if the issue persists. To run the command, use an elevated CMD Prompt and type:
After restarting the server, this resolved the performance issues and I could open up Devices and Printers again.