keytool -import -trustcacerts -alias dshs_ssvwbolyfldtt01.ssv.wa.lcl -file dshs_ssvwbolyfldtt01.ssv.wa.lcl.p7b -keystore dshs_ssvwbolyfldtt01.ssv.wa.lcl.jks
keytool -import -keystore keystore.production -storepass pinky -file thawte.crt -alias key-alias-in-store
certutil -P SSVWBOLYFLDTT01.ssv.wa.lcl -M -n cert-SSVWBOLYFLDTT01.ssv.wa.lcl -t u,u,u
keytool -genkey -alias key1 -keyalg RSA -keypass password -storepass password -keystore keystore.jks
keytool -export -alias key1 -storepass password -file server.cer -keystore keystore.jks
keytool -import -v -trustcacerts -alias key1 -file server.cer -keystore cacerts.jks -keypass password -storepass password
keytool -import -v -trustcacerts -alias key1 -file server.cer -keystore cacerts.jks -keypass password
keytool -genkey -alias key1 -keyalg RSA -keypass password -storepass password -keystore keystore.jks
how to create a new cert8.db (security db) and key.db (authenticate db)
certutil -N -P "SSVWBOLYFLDTT01.ssv.wa.lcl" -d
create a self signed cert
create-selfsigned-cert --user=admin --port=8443 --config=SSVWBOLYFLDTT01.ssv.wa.lcl --token=internal --org-unit=CA --locality=en --state=WA --validity=10 --org=DSHS --country=US --server-name=ssvwbolyfldtt01.ssv.wa.lcl --nickname=cert-SSVWBOLYFLDTT01.ssv.wa.lcl-1
delete
delete-cert --user=admin --port=8989 --password-file=admin.pwd --token=internal --config=SSVWBOLYFLDTT01.ssv.wa.lcl cert2
---------------------------------------------------------
wadmin --username=admin
wadmin > reset-admin-password
in admin console, you can
1) create a cert through reqest.
2) create a CA file and send it to a CA
3) modify the http-listener to attach to a port or set SSL
4) A very import step, to deploy your configuration change.
5) create a virtual server will automatically create a alias folder (virtual directory) and a service.
Thursday, May 29, 2014
Friday, May 16, 2014
Configuration jboss 7
quoted from
http://opensourcearchitect.co/tutorials/ip-addresses-interfaces-jboss-eap6-as7
Configuration through the cli:
Your JBoss AS 7 or EAP 6 server must be started before in order to access the administration console.
Configuring the Default Public Interface:
First we connect to the cli by using the jboss-cli.bat or jboss-cli.sh scripts depending on your operating system:
Step 1:
Windows:
jboss-cli.bat connect
Linux:
$ ./jboss-cli.sh connect
Step 2:
Next we update the interface by issuing the following cli command:
/interface=public:write-attribute(name=inet-address,value=192.168.1.67)
/interface=public:write-attribute(name=inet-address,value=192.168.1.67)
Step 3:
Lastly, we can confirm the updates by viewing the following output:
{
“outcome” => “success”,
“response-headers” => {
“operation-requires-reload” => true,
“process-state” => “reload-required”
}
}
{
“outcome” => “success”,
“response-headers” => {
“operation-requires-reload” => true,
“process-state” => “reload-required”
}
}
A successful restart of the server will result in the following message printed out in the console and log file:
13:13:09,397 INFO [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-15) Starting Coyote HTTP/1.1 on http–192.168.1.67-8080
13:13:09,397 INFO [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-15) Starting Coyote HTTP/1.1 on http–192.168.1.67-8080
This will allow you to successfully access your application on the public interface by typing in:
http://{youripaddress}:8080/myapp
For our example, the url will be:
http://192.168.1.67:8080/myapp
Configuring the new Administration Interface:
Step 1:
First we connect to the cli by using the jboss-cli.bat or jboss-cli.sh scripts depending on your operating system:
Windows:
jboss-cli.bat connect
Linux:
$ ./jboss-cli.sh connect
Step 2:
Next we update the administrative interface by issuing the following cli command:
/interface=management:write-attribute(name=inet-address,value=192.168.1.67)
/interface=management:write-attribute(name=inet-address,value=192.168.1.67)
Step 3:
Lastly, we can confirm the updates by viewing the following output:
{
“outcome” => “success”,
“response-headers” => {
“operation-requires-reload” => true,
“process-state” => “reload-required”
}
}
{
“outcome” => “success”,
“response-headers” => {
“operation-requires-reload” => true,
“process-state” => “reload-required”
}
}
A successful startup will result in the following message printed out in the console and log file:
13:31:00,880 INFO [org.jboss.as] (Controller Boot Thread) JBAS015951: Admin console listening on http://192.168.1.67:9990
13:31:00,880 INFO [org.jboss.as] (Controller Boot Thread) JBAS015951: Admin console listening on http://192.168.1.67:9990
This will allow you to successfully access the administration console on the administration interface by typing the following in the address bar of your browser:
http://{youripaddress}:9990
For our example, the url will be:
http://192.168.1.67:9990
Configuration through xml files:
In JBoss AS 7, interfaces can be configured in the standalone.xml or domain.xml for a JBoss server.
For example, if we have server installed under:
/home/opensourcearchitect/jboss-as-7.1.1.Final/
/home/opensourcearchitect/jboss-as-7.1.1.Final/
The standalone.xml file will be located under:
/home/opensourcearchitect/jboss-as-7.1.1.Final/standalone/standalone.xml
/home/opensourcearchitect/jboss-as-7.1.1.Final/standalone/standalone.xml
In the standalone.xml file for example you will see:
<interfaces>
<interface name=”management”>
<inet-address value=”127.0.0.1″/>
</interface>
<interface name=”public”>
<inet-address value=”127.0.0.1″/>
</interface>
</interfaces>
<interfaces>
<interface name=”management”>
<inet-address value=”127.0.0.1″/>
</interface>
<interface name=”public”>
<inet-address value=”127.0.0.1″/>
</interface>
</interfaces>
This defines the public interface (interface name=”public”) as 127.0.0.1 and the management interface as 127.0.0.1.
Configuring the Default Public Interface:
Step 1:
Edit the standalone.xml file in your favorite text editor.
Step 2:
Next, update the following section:
From:
<interface name=”public”>
<inet-address value=”127.0.0.1″/>
</interface>
<interface name=”public”>
<inet-address value=”127.0.0.1″/>
</interface>
To:
<interface name=”public”>
<inet-address value=”{youripaddress}”/>
</interface>
<interface name=”public”>
<inet-address value=”{youripaddress}”/>
</interface>
For our example, the ip address will be:
<interface name=”public”>
<inet-address value=”192.168.1.67″/>
</interface>
<interface name=”public”>
<inet-address value=”192.168.1.67″/>
</interface>
A successful restart of the server will result in the following message printed out in the console and log file:
13:13:09,397 INFO [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-15) Starting Coyote HTTP/1.1 on http–192.168.1.67-8080
13:13:09,397 INFO [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-15) Starting Coyote HTTP/1.1 on http–192.168.1.67-8080
This will allow you to successfully access your application on the public interface by typing in:
http://{youripaddress}:8080/myapp
For our example, the url will be:
http://192.168.1.67:8080/myapp
Configuring the new Administration Interface:
Step 1:
Edit the standalone.xml file in your favorite text editor.
Step 2:
Next, update the following section:
From:
<interface name=”management”>
<inet-address value=”127.0.0.1″/>
</interface>
<interface name=”management”>
<inet-address value=”127.0.0.1″/>
</interface>
To:
<interface name=”management”>
<inet-address value=”{youripaddress}”/>
</interface>
<interface name=”management”>
<inet-address value=”{youripaddress}”/>
</interface>
For our example, the ip address will be:
<interface name=”management”>
<inet-address value=”192.168.1.67″/>
</interface>
<interface name=”management”>
<inet-address value=”192.168.1.67″/>
</interface>
A successful startup will result in the following message printed out in the console and log file:
13:31:00,880 INFO [org.jboss.as] (Controller Boot Thread) JBAS015951: Admin console listening on http://192.168.1.67:9990
13:31:00,880 INFO [org.jboss.as] (Controller Boot Thread) JBAS015951: Admin console listening on http://192.168.1.67:9990
This will allow you to successfully access the administration console on the administration interface by typing the following in the address bar of your browser:
http://{youripaddress}:9990
For our example, the url will be:
http://192.168.1.67:9990
how to install ssl in Sun web server 7
\WebServer7\yourconfigfolder\config\yourconfigure.conf
enable or disable ssl
change the port
...
<http-listener>
<name>http-listener-1</name>
<!--<ip>198.238.85.241</ip>-->
<port>80</port>
<!--<port>443</port>-->
<server-name>SSVWBOLYFLDTT01.ssv.wa.lcl</server-name>
<default-virtual-server-name>SSVWBOLYFLDTT01.ssv.wa.lcl</default-virtual-server-name>
<!--<ssl>
<server-cert-nickname>cert1</server-cert-nickname>
</ssl>-->
</http-listener>
enable or disable ssl
change the port
...
<http-listener>
<name>http-listener-1</name>
<!--<ip>198.238.85.241</ip>-->
<port>80</port>
<!--<port>443</port>-->
<server-name>SSVWBOLYFLDTT01.ssv.wa.lcl</server-name>
<default-virtual-server-name>SSVWBOLYFLDTT01.ssv.wa.lcl</default-virtual-server-name>
<!--<ssl>
<server-cert-nickname>cert1</server-cert-nickname>
</ssl>-->
</http-listener>
Wednesday, May 14, 2014
run jboss as a windows service
1) Download jboss-native-2.0.10-windows-x64-ssl.zip and copy the contents of bin catalog to %JBOSS_HOME%/bin
2) Then edit the service.bat. Below is content of mine service.bat
---------------------------------------------------------------------------------------------------
@echo off
REM JBoss, the OpenSource webOS
REM
REM Distributable under LGPL license.
REM See terms of license at gnu.org.
REM
REM -------------------------------------------------------------------------
REM JBoss Service Script for Windows
REM -------------------------------------------------------------------------
@if not "%ECHO%" == "" echo %ECHO%
@if "%OS%" == "Windows_NT" setlocal
set DIRNAME=%CD%
REM
REM VERSION, VERSION_MAJOR and VERSION_MINOR are populated
REM during the build with ant filter.
REM
set SVCNAME=JBOSS7Server
set SVCDISP=JBoss Application Server 7.1.1_Final
set SVCDESC=JBoss Application Server 7.1.1 Platform: Windows x64
set NOPAUSE=Y
REM Suppress killing service on logoff event
REM set JAVA_OPTS=-Xrs
REM Figure out the running mode
if /I "%1" == "install" goto cmdInstall
if /I "%1" == "uninstall" goto cmdUninstall
if /I "%1" == "start" goto cmdStart
if /I "%1" == "stop" goto cmdStop
if /I "%1" == "restart" goto cmdRestart
if /I "%1" == "signal" goto cmdSignal
echo Usage: service install^|uninstall^|start^|stop^|restart^|signal
goto cmdEnd
REM jbosssvc retun values
REM ERR_RET_USAGE 1
REM ERR_RET_VERSION 2
REM ERR_RET_INSTALL 3
REM ERR_RET_REMOVE 4
REM ERR_RET_PARAMS 5
REM ERR_RET_MODE 6
:errExplain
if errorlevel 1 echo Invalid command line parameters
if errorlevel 2 echo Failed installing %SVCDISP%
if errorlevel 4 echo Failed removing %SVCDISP%
if errorlevel 6 echo Unknown service mode for %SVCDISP%
goto cmdEnd
:cmdInstall
jbosssvc.exe -imwdc %SVCNAME% "%DIRNAME%" "%SVCDISP%" "%SVCDESC%" service.bat
if not errorlevel 0 goto errExplain
echo Service %SVCDISP% installed
goto cmdEnd
:cmdUninstall
jbosssvc.exe -u %SVCNAME%
if not errorlevel 0 goto errExplain
echo Service %SVCDISP% removed
goto cmdEnd
:cmdStart
REM Executed on service start
del .r.lock 2>&1 | findstr /C:"being used" > nul
if not errorlevel 1 (
echo Could not continue. Locking file already in use.
goto cmdEnd
)
echo Y > .r.lock
jbosssvc.exe -p 1 "Starting %SVCDISP%" > standalone.log (if your log file is located a particular folder, spell it out. ex. C:\opt\jboss7\standalone\log\standalone.log)
call standalone.bat --server-config=standalone.xml < .r.lock >> standalone.log 2>&1
jbosssvc.exe -p 1 "Shutdown %SVCDISP% service" >> standalone.log
del .r.lock
goto cmdEnd
:cmdStop
REM Executed on service stop
echo Y > .s.lock
jbosssvc.exe -p 1 "Shutting down %SVCDISP%" > shutdown.log
call jboss-cli.bat --connect command=:shutdown >> shutdown.log 2>&1
jbosssvc.exe -p 1 "Shutdown %SVCDISP% service" >> shutdown.log
del .s.lock
goto cmdEnd
:cmdRestart
REM Executed manually from command line
REM Note: We can only stop and start
echo Y > .s.lock
jbosssvc.exe -p 1 "Shutting down %SVCDISP%" >> shutdown.log
call jboss-cli.bat --connect command=:shutdown >> shutdown.log 2>&1
del .s.lock
:waitRun
REM Delete lock file
del .r.lock > nul 2>&1
REM Wait one second if lock file exist
jbosssvc.exe -s 1
if exist ".r.lock" goto waitRun
echo Y > .r.lock
jbosssvc.exe -p 1 "Restarting %SVCDISP%" >> standalone.log
call standalone.bat --server-config=standalone.xml < .r.lock >> standalone.log 2>&1
jbosssvc.exe -p 1 "Shutdown %SVCDISP% service" >> standalone.log
del .r.lock
goto cmdEnd
:cmdSignal
REM Send signal to the service.
REM Requires jbosssch.dll to be loaded in JVM
@if not ""%2"" == """" goto execSignal
echo Missing signal parameter.
echo Usage: service signal [0...9]
goto cmdEnd
:execSignal
jbosssvc.exe -k%2 %SVCNAME%
goto cmdEnd
:cmdEnd
---------------------------------------------------------------------------------------------------
3) Then run service.bat install from %JBOSS_HOME%/bin
4) To delete a service
sc -delete JBOSS7Server ( a service name not id)
Monday, May 12, 2014
create an external property.
svn propset svn:externals 'lib http://plugins.svn.wordpress.org/trunk/externallib'
property 'svn:externals' set on '.'
lib is your local path.
Subscribe to:
Posts (Atom)