Weblogic Node Manager using Demo cert gives error: certificate_unknown

Users who are using either WebLogic Server 10.3.6 or WebLogic Server 12.1.1 on JDK 1.6.0_101+, JDK 1.7.0_40+, or JRockit R28.3.7+, have demo certificates and are using SSL will get an exception:

com.sun.xml.ws.client.ClientTransportException: HTTP transport error: 
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

There are four possible solutions:

  1. Create a new Demo Key with the larger key size
  2. Obtain your own certificate, by submiting a new request to your CA, increasing its certificate strength (i.e. >1024)
  3. Remove the key length restriction (not recommended but the fastest solution)
    The java.security file is located in your client machine’s Java/JRE installed directory $JAVA_HOME/jre/lib/security/java.security.

    In Java 1.7.0_40 the java.security by default has this setting:

    java.security file Snippet

    # Note: This property is currently used by Oracle's PKIX implementation. It
    # is not guaranteed to be examined and used by other implementations.
    #
    # Example:
    #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
    #
    #
    jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
    

    Changing the 1024 to 512 will allow the existing certificate to work.

  4. Upgrade to WLS 12.1.2

Permanent link to this article: http://devnumbertwo.com/weblogic-node-manager-using-demo-cert-gives-error-certificate_unknown/

How to create sym links in Windows

Reference: https://technet.microsoft.com/en-us/library/cc753194.aspx

Command line: mklink

The following example creates a symbolic link named MyDocs in C:\Temp to the C:\Temp\Documents:

mklink /d C:\Temp\MyDocs C:\Temp\Documents


						
						
						
		

Permanent link to this article: http://devnumbertwo.com/create-sym-links-windows/

Siebel: Unable to connect to the gateway server SBL-GEN-05009

Baaaahhhh!!!!

Trying to install Siebel 8.2.2 on Linux 6 (64 bit) eh?

Scenario 1: Running the Configuration Wizard and it fails with error 5009… something like:

Jan 01, 2015 10:00:00 AM oracle.siebel.configurator.utility.ConfigUtility runProgram
FINER:
Exited with error 5009

OR

Scenario 2: AFTER running the configuration wizard and trying to configure a gateway name server you get “Unable to connect to Siebel Gateway Name Server”…

NameServerLayerLog Error 1 000000024f4c19ce:0 20120228
10:30:00 Unable to connect to the gateway server.
GenericLog GenericError 1 000000024f4c19ce:0 20120228
10:30:00 NSC ErrCode 5009 SysErr 0GenericLog GenericError 1 000000024f4c19ce:0 20120228
10:30:00 (srvredit2.cpp (302) err=5009 sys=1) SBLGEN05009:
Unable to connect to the gateway server.

Things to check:

  • Typically /etc/host.conf has ‘multi on’ option set. Try overriding this variable in your session prior to running the config wizard
    export RESOLV_MULTI=off

    Note: make sure to use port # lower than 32767

  • Remove any of the existing following files from gtwysrvr/sys
    siebns*
    svc.gtwyns*
  • And this time (if you didn’t do this the first time), run the config with the “-verbose” option so you can see more wonderful errors if they come up

Permanent link to this article: http://devnumbertwo.com/siebel-unable-connect-gateway-server-sbl-gen-05009/

X11 forwarding request failed on channel 0

the dreaded X11 forwarding request failed on channel 0 so you’ve tried: ssh  dev2user@dev2server.somedomain.com and getting the following error on screen when trying to run something that requires x11 forwarding (like xclock or some type of installer perhaps?):

xclock X11 forwarding request failed on channel 0

try this:

  1. login to your server (as root or some type of super user):
    ssh root@dev2server.somedomain.com
  2. install xauth
    yum install xauth
  3. edit /etc/ssh/sshd_config file
    vi /etc/ssh/sshd_config

    set the following two options:

    X11Forwarding yes X11UseLocalhost no

    save and close the file

  4. logout and login again as your desired user ssh  dev2user@dev2server.somedomain.com
    xclock

Permanent link to this article: http://devnumbertwo.com/x11-forwarding-request-failed-on-channel-0-error/

change the default port that OpenSSH server uses

OpenSSH by default listens to port 22 of all local addresses. To provide additional
security to the OpenSSH server, the ListenAdress and Port
directives in /etc/ssh/sshd_config file can be used.

ListenAddress – List the ip address or hosts that sshd will listen on.

Port – Specifies the port that sshd will listen to.

Example /etc/ssh/sshd_config file:

Port 40
ListenAddress 127.0.0.1
ListenAddress 172.16.45.0

Restart sshd daemon in the OpenSSH server for the changes to take effect.

# service sshd restart

Now the command below can be used to connect a client from serverip network to the OpenSSH server:

# ssh serverip -p 40

Permanent link to this article: http://devnumbertwo.com/change-the-default-port-that-openssh-server-uses/

vi commands for cygwin

i started running cygwin for sshd on a windows VM and tried to edit a file using vi and got super frustrated. why is it not the same as regular unix vi??!!! why why??!

anyway, to save you the same headache here is a list of basic vi commands for cygwin

  • i                      – insert is similar to �a� but is to the left of where the cursor is.
  • a                      – appends to the data, after typing �a� you can use the keyboard to type in letter/numbers like a normal word processing program.  When you are done typing what you want at that location, you need to hit the �Esc� button before you can return to the regular mode.
  • Esc                 – escape ends the current mode you are in (i.e. typing mode) and takes you back to the original.
  • x                      – Typing �x� lowercase will erase the character on the cursor, like the �Backspace� key does in a normal word processing program.  The �Delete� button will do the same thing in the regular mode.
  • :w                   – saves all the changes you made to a existing file name.
  • :w new-filename           – saves all the changes you made to a new filename you specify.
  • ZZ                   – Capital ZZ.  This will save and quit the �vi� program and bring you back to the command line.
  • :q!                 – This will quite the �vi� program without saving the last changes you made.
  • u                      – This is undo, and will undo the last action you have completed.
  • dd                   – This will erase the entire line.  Tying a number before typing �dd� will remove the number of lines chosen.
  • :se nu         – This is to �set number lines� which will temporarily number the lines of the document for you.
  • Ctrl f         – This will page down the document by one screen length.
  • Ctrl b         – This will page up the document by one screen length.
  • G                      – This will move the cursor to the end (bottom) of the document
  • 1G                   – This will move the cursor to the top of the document

 

 

Permanent link to this article: http://devnumbertwo.com/vi-commands-for-cygwin/

Permanent link to this article: http://devnumbertwo.com/regain-access-to-my-godaddy-account-or-my-domain/

You should rebuild using libgmp >= 5 to avoid timing attack vulnerability

getting this on your linux when trying to run something?

You should rebuild using libgmp >= 5 to avoid timing attack vulnerability. _warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)

yup, seen it…

RHEL has GMP version 4.something
PyCrypto needs GMP >= 5

RHEL is a tad behind we have to re-make The GNU Multiple Precision Arithmetic Library stuff.

solution:

    1. download the sources from https://gmplib.org/#DOWNLOAD
    2. and according to the instructions from the package:
      tar -xvjpf gmp-6.0.0a.tar.bz2
      ./configure 
      make 
      make check
      make install 
      
    3. rebuild PyCrypto
      pip install --ignore-installed PyCrypto
    4. for good measure, re-build and re-install some stuff (trust me, just go with it)
      yum -y groupinstall "Development tools" 
      yum -y install gcc libgcc glibc libffi-devel libxml2-devel libxslt-devel openssl-devel zlib-devel bzip2-devel ncurses-devel

tada! send me a nice thank you note when you’re done.

Permanent link to this article: http://devnumbertwo.com/you-should-rebuild-using-libgmp-5/

The emctl file in the oraclehome cannot be renamed from emctl.bat to emctl_upgrade.bat

the issue: upgrading your OEM agent from 12.1.0.3 to 12.1.0.4 and you’re getting this at the end of your log

SEVERE: The emctl file in the oraclehome cannot be renamed from d:\oracle\agent12c\core\12.1.0.3.0\bin\emctl.bat to d:\oracle\agent12c\core\12.1.0.3.0\bin\emctl_upgrade.bat

SEVERE: 
ERROR: Agent Deployment Failed

SEVERE: The emctl file d:\oracle\agent12c\core\12.1.0.3.0\bin\emctl_upgrade.bat does not exist
SEVERE: The emctl file in instancehome d:\oracle\agent12c\agent_inst\bin\emctl_upgrade.bat does not exist

cause and solution: the issue is caused by a known bug. go through the agent upgrade console again (setup –> manage cloud control –> upgrade agents) and input “EMCTL_RENAME=false” in the Additional Parameter section like this

emctl file in the oraclehome cannot be renamed from emctl.bat to emctl_upgrade.bat

Permanent link to this article: http://devnumbertwo.com/emctl-file-in-the-oraclehome-cannot-be-renamed-from-emctl-bat-to-emctl_upgrade-bat/

opmnctl start one component

sometimes you just want to try starting up one ias-component of an OHS instance rather than ALL. here’s how you do it:

let’s say you have the following components and you only want to start wc1

opmnctl status -l

--------------+----------------+------+--------+------+---------+--------+------
ias-component | process-type   |  pid | status |  uid | memused | uptime | ports
--------------+----------------+------+--------+-------+--------+--------+------
ohs1          | OHS            | 22347 | Alive  | 12345 | 97584 | 34:56 | https:10000,http:8080
wc1           | WebCache-admin | 22345 | Alive  | 12346 | 73416 | 34:56 | http_admin:4000

type this command:

opmnctl startproc ias-component=wc1

Permanent link to this article: http://devnumbertwo.com/opmnctl-start-one-component/

Older posts «