Almost a gallon of black walnut syrup (plus half a pint of maple syrup, from the two trees at the bottom of the driveway)
2026 Maple Season – Got Syrup
2026 Maple Season – Boiling
We are getting huge “clouds” evaporating every time the wind picks up
And the fire is toasty
Gluten Free Pizza
Tried using this King Arthur Flour “measure for measure” gluten free flour to make a pizza crust. It ended up dry and crumbly. Not bad … but finding a good gluten free pizza crust recipe is still a work in progress.
2026 Maple Season – More Tappling
Anya and I finished tapping the walnut trees (and two maple trees) today.
And we had our sap helper cat!
2026 Maple Season – Black Walnut Trees Tapped
We spent the day tapping our black walnut trees – the end of the extended forecast is in the 70’s, but we should get at least a week of sap flow.
Sausage Egg McMuffins, quasi AIP
Cassava flour rolls, vegan cheese, and ground pork with spices to somewhat mimic sausage.
Ingredients:
2 cups cassava flour
1 Tbsp baking powder
1 tsp salt
3 eggs
1/4 cup coconut oil
2 Tbsp maple syrup
2 tsp yeast
1 cup warm water
Combine water, maple syrup, and yeast. Allow to sit for about ten minutes until it is very frothy.
Mix dry ingredients, combine with wet ingredient, allow to rise for an hour. Shape into rolls and allow to rise for 30 minutes.
Bake at 350 for 25-30 minutes
Stratified Snow
We’ve had a number of snow storms in the past week or two, and the snow is stratified showing each snowfall.
Green Banana Hash
I made green banana hash tonight to go with our pork chops and broccoli. Microwaved four green bananas for five minutes (cut off ends, cut along back to cut through the peel, then microwave). I let them sit about ten minutes to cool down, then removed the peel. Diced into small pieces and then smashed some to make really small pieces. Added a little salt, then sauteed in coconut oil until crispy. They’re really good – and with bright green bananas, they do a very good impression of potatoes.
Venafi Cert Issuance Fails after Windows 2022 Upgrade
Certificate Issuance Fails
After requesting a certificate, the request immediately fails with the error:
Failed to post CSR with error: Unknown certificate profile type.
I think it is just a coincidence, but wanted to document the scenario in case it comes up again. The application makes web calls to a vendor API to issue certs. The API calls, after the upgrade, were failing.
In this scenario, a call was being made to {base_url}/api/ssl/v1/types, the connection failed. Since the list of valid certificate profiles could not be retrieved, the request failed saying the certificate profile was unknown.
GET https://hard.cert-manager.com/api/ssl/v1/types?organizationId=####
Looking at a debug trace, the following flow was observed:
- Authentication headers sent: login=<REDACTED>, password=<REDACTED>, customerUri=<REDACTED>
- Transport-level failure (no HTTP status returned on the failing attempt)
- Symptoms: “Decrypt failed with error 0X90317” followed by “The underlying connection was closed: The connection was closed unexpectedly.”
- Context: Revocation checks reported “revocation server was offline,” then the client proceeded; long idle/keep-alive reuse likely contributed to the close.
Connection reuse vs server keep-alive: Apache is advertising Keep-Alive: timeout=3. The .NET client is reusing long-idle TLS connections via the proxy; by the time it sends application data, the server/proxy has already closed the session, leading to “underlying connection was closed” errors.
Revocation checks through the proxy: The .NET trace shows “revocation server was offline” before proceeding. That extra handshake work plus proxy blocking CRL/OCSP can increase latency and contribute to idle reuse issues.
.NET SChannel quirks: Older HttpWebRequest/ServicePoint behaviors (Expect100-Continue, connection pooling) can interact poorly with short keep-alive servers/proxies.
Luckily, this is a .NET application, and you can create custom configuration files for .NET apps. In the file with the binary, look for a text file named BinaryName.exe.config
If none exists, create one. The following disables the proxy:
<?xml version=”1.0″ encoding=”utf-8″?>
<configuration>
<system.net>
<!– Turn off use of the system proxy for this app –>
<defaultProxy enabled=”true”>
<proxy usesystemdefault=”false” />
</defaultProxy>
</system.net>
</configuration>
Client Connections to HTTPS IIS Site Fail After Upgrade to Windows Server 2022
Client connections to the HTTPS IIS site failed with the following error:
Secure Connection Failed
An error occurred during a connection to certmgr-dev.uniti.com.
PR_CONNECT_RESET_ERROR
Error code: PR_CONNECT_RESET_ERROR
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
The IIS site was set to “accept” client certificates.
- Client Certificates = Accept means IIS/HTTP.sys will try to retrieve a client certificate only if the app touches Request.ClientCertificate (or a module that maps/validates client certs). That retrieval is done via TLS renegotiation in TLS 1.2.
- On Server 2022, browsers prefer TLS 1.3. TLS 1.3 does not support the old renegotiation used to fetch a client cert mid‑request. When your app/module at “/” accesses the client cert, IIS attempts renegotiation, fails, and the connection is reset.
Setting Client Certificates to “Ignore” prevents IIS from attempting to renegotiate, so the site loads. This obviously isn’t a solution if you want to use client certificates to authenticate … but we’re authenticating through Ping, so don’t actually need the client certs.