Here is a quick way of creating your own CA and issue server and client certificates via OpenSSL.
I will test the certificates via the Apache HTTP Server by configuring one and two-way SSL.
I use Oracle Linux 5.
You should of cause only use this for test scenarios.
Since JRockit is dead this post might not be interesting, but anyway …
I have never used JRockit Real Time (JRRT). At a customer site I could see that JRRT was installed and the custom said that they used it.
But there was also installed a newer regular JRockit and (more...)
It is now possible to protect Apache on both Windows and Red Hat servers against CRIME SSL/TLS attacks.
I have updated my Hardening the Apache HTTP Server post accordingly.
Often you do not want servers in your internal network segments to be able to access the Internet directly.
One way to get controlled access to the Internet is to place an Apache HTTP Server in a DMZ network segment. Internal servers can then use the Apache server as a (more...)
If you are using a WebLogic Cluster you need a proxy in front of the cluster to provide load balancing. You need either a hardware load balancer or a Web Server with the Oracle Web server plug-in.
Even if you are not using a Cluster it makes sense to place (more...)
I found a brilliant Work Manager demo video by James Bayer. There also is a accompanying slide show.
James also has an older post where you can download the source and the war file. It is great when you can get your hands on the source of demos so you (more...)
I have only used the Apache HTTP Server on Windows for a couple of years since I mostly use Linux.
Until now I have downloaded the binaries from the Apache Software Foundation or one of its mirrors.
I have been missing the latest releases (2.2.23 and 2.2. (more...)
In this post I will describe how to do a silent installation and configuration of the OSB.
I go through the same steps as I did in my Installing the Oracle OSB on Red Hat 6 post, but now everything is executed via scripts. I will only focus on the (more...)
I recently had to find the size of the data stored in the HTTP Session State. On MOS I found this note:
“Session Replication Fails Due To Non-Serializable Object: JSP Test Page [ID 1073386.1]“.
It contains a JSP test page that will show you if your session data is (more...)
Here is my experiences with installing OSB 188.8.131.52 on Red Hat 6 (64-bit) using Java 7.
By the way you might also be interested in my post about Silent installation of the OSB on Red Hat 6.
First have a look at the documentation:
Oracle Fusion Middleware (more...)
I have been messing around with silent install of FMW and creating domains via WLST. I was initially trying to get as much as possible done via offline WLST and therefore wanted to create a Data Source. I could not find any examples online which was a bit puzzling since (more...)
It is not difficult to create an SSL/TLS certificate and configure an Apache HTTP Server to use it. But I found that there are some things you need to know that does not necessarily make much sense. Here are some lessons learned and a couple of tips.
Intermediate and Root (more...)
After having been through security audits over the years I now have a short list of things I always change after having installed an Apache HTTP Server.
It is not much, but it always moves the focus from the Apache server to the applications and thereby off my desk
I recently had to upgrade a WebLogic Server with ADF for a customer. It was WebLogic 10.3.4 to 10.3.6 and ADF 184.108.40.206 to 220.127.116.11. They also used Enterprise Manager.
Everything went fine except for the Enterprise Manager which ended up (more...)
If you do a default installation of the WebLogic Server user activity is not audited. WebLogic has a build in Auditing Provider but it has to be enabled.
The Audit Provider can log these events.
To enable it via the Admin Console got to Security Realms => myrealm => Providers (more...)
On Linux low entropy can cause certain operations to be very slow.
SSL operations need entropy to ensure randomness. Entropy is generated by the OS when you use the keyboard, the mouse or the disk.
If an SSL operation is missing entropy it will wait until enough is generated.
A customer had a situation where they had to call a remote Web Service from the SOA Suite via https. (One-way TLS/SSL). The developers had deployed the SOA Application so I had to configure the SOA Suite to trust the key used for SSL. For unknown reasons the normal Weblogic (more...)
An Apache http server does not support more than one SSL virtual host on the same IP address and port. So if you want to host two Internet domains on the same server and they both use SSL on port 443 then you must use two IP-addresses.
You can read (more...)
Here is my experiences with installing Forms and Reports 18.104.22.168 on Red Hat 6 (64-bit) using JDK 7.
Forms/Reports currently exists in two flavors 22.214.171.124 and 126.96.36.199. 188.8.131.52 is the main Fusion Middleware release. As far as I (more...)
Oracle has recently removed the download links to a lot of older versions of the database and OAS software from OTN. The software is not on eDelivery either.
The way you are meant to get the software is by opening a “Contact Us” Service Request and then they will give (more...)