Tuesday 30 April 2019

Web Logic Server 11g

Two basic types of weblogic server instances



Admin Server - Each WevLogic Server has minimum of one server called Admin Server. It acts as the central command center for managing all Domain resources, including the configuration of the servers. You can manage Admin Server through WLST commands, the Administration Console or a custom JMX client. Admin server maintains the configuration file for the domain named as config.xml and  distributes the configuration updates to the managed servers. I


Managed Server -




Configuration file - named as config.xml located under the root directory. default root directory is


What are the key management tools for handling day-to-day adminstrative and configuration tasks of WebLogic Server?

 Adminstration Console
 WebLogic Scripting Tool
 Node Manager



How to run Managed server in MSI ( Management Server Independence ) mode?
 

Saturday 1 September 2018


What is the best way to create a reusable Azure Virtual Machine Image?

https://serverfault.com/questions/726921/what-is-the-best-way-to-create-a-reusable-azure-virtual-machine-image


The best way to create an image is to use Powershell, the command is easy and straight forward:
Save-AzureVMImage -ServiceName "service-name" -Name "VM-name" -ImageName "image-name" -Osstate "Generalized/Specialized" -Verbose
Be careful about the Osstate option, if you want to create a template, you can choose Generalized, it will delete the existing vm and create a template image. If you want to create a snapshot image, you can choose Specialized, it will keep the existing vm and create an image -- it's just like the checkpoint in Hyper-V.

Azure link -- https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-capture-image-windows-server/

Tuesday 7 March 2017

How to request for CSR request and renew the SSL keys


Few days back I started getting notification that the application certificate is soon going to expired. It's a discoverer 11g application, so we created PKCS12 compliant wallet that can be used with the C based system components for example, Oracle HTTP Server, Oracle Web Cache, Oracle Internet Directory, and OPMN


To create a wallet


To create the wallet based PKCS12 compliant  keys I used a tool Oracle Wallet Manager GUI (OWM)

You can use any wallet manager GUI that comes with oracle 11g client installation under Integration management tool or you may also find this tool in Unix oracle home software directory

cd $ORACLE_HOME/bin
PATH=$PATH:/usr/X11/bin:/usr/openwin/bin
export DISPLAY=<hostname:portno>

./owm

Select Wallet --> New



It will prompt for password.


Specify the password here and save it for future purpose,  as this password you will need for every wallet based operation like Open wallet,  Import Certificates, Export Certificates etc.





 
 
Here you need to fill the corresponding details and is important to select key size - 2048 or higher.  NOTE - common name need to be Server or DNS name like xyz.com


once all the details are entered save it.


After certificate request is created, export it and submit it to certificate authority.


Here we need to wait for receiving SSL certificate from certificate authority.  The file we receive shall have name <xyz>.com.crt with certificate extension


now import this certificate into wallet we created before.


You can also specify the "Auto-Login" option via a checkbox in OWM


  
When creating a Wallet, a file called "ewallet.p12" is generated. further, specifying Auto-Login, an additional file called "cwallet.sso" is also generated.

To import these keys in discoverer




1) login to discoverer application
2) Shutdown the opmn services

3)  Go to $ORACLE_INSTANCE/config/OHS/ohs1

grep –i SSLWallet ssl.conf




4) Go to $ORACLE_INSTANCE/config/OHS/ohs1/keystores/default

Place both the keys here 1) ewallet.p12   2) cwallet.sso

5) now restart the opmnctl services

opmnctl startall


6) now access the discoverer application and you will find the certificate key information in lock box




To verify that your website is secure and/or when the SSL certificate expires there are a few methods of testing this.

You can view the site information from your browser to view basic information about the SSL certificate. Including if the connection is secure and when the certificate will expire.

Firefox
In the address bar click on the lock icon to the left of 'https://'
This will show if the connection is encrypted
Click on 'More information'
Click 'View Certificate'
This will show the expiry date
Opera
In the address bar click on the lock icon to the left of 'https://'
This will show if the connection is encrypted
Click on 'Details'
Click on the linked domain name
This will show the expiry date
Chrome
In the address bar click on the lock icon to the left of 'https://'
Click on the 'Connection'
This will show if the connection is encrypted
Click on 'Certificate information'
This will show the expiry date
IE
In the address bar click on the lock icon on the right hand side
This will show if the connection is encrypted
Click 'View Certificates'
This will show the expiry date
Safari
In the address bar click on the lock icon on the right hand side
If you can see certificate information this will indicate that the connection is encrypted
You will also be able to see the expiry date
If you see an exclamation mark or another icon in place of the lock icon, then that could either indicate that SSL is not working or that the website is displaying a mix of secure and non-secure content?