This is very important.
SunOne (iplanet) configs are *NOT* xml
One space at the begging of the property Service in weblogic object in obj.conf deactivates entry.
NSAPI plugin is activating
There is no error that something is wrong with config
Sun One Web Server 6.1 Sp6 config files bug
listopad 13, 2009 @ 9:47 am (tips)
Decrypting 3DES in weblogic 8.1 configuration
październik 26, 2009 @ 12:07 pm (tips, weblogic)
Very useful tip, how to decrypt 3DES hashed password from configurations.
http://gustlik.wordpress.com/2008/08/06/decryption-of-configuration-passwords-in-weblogic/
You should add below code to class from here:
Below my version of main.
With some errors handlings
public static void main(String args[]) {
try{
if ( args== null || args.length<3 ) {
System.out.println("Usage:" );
System.out.println("arg1 = Server/lib or the Directory which has the requried JAR files");
System.out.println("arg2 = App Domain or the Directory which has SerializedSystemIni.dat");
System.out.println("arg3 = 3DES hashed password");
System.exit(0);
}
if (! new File(args[0]).exists()) {
System.out.println("Path ["+args[0]+"] does not exists");
System.exit(0);
}
if (! new File(args[1]).exists()) {
System.out.println("Path ["+args[1]+"] does not exists");
System.exit(0);
}
String beaDir = args[0];
String appDir = args[1];
String hashedPassword = args[2];
Weblogic81Utils weblogic81Utils = new Weblogic81Utils(beaDir, appDir);
String plainTextPassword = weblogic81Utils.decryptString(hashedPassword);
String configXML = weblogic81Utils.getConfigXML();
Properties bootProperties = (Properties) weblogic81Utils.getBootProperties();
System.out.println("---------------------------------------------------------------------");
System.out.println(hashedPassword + " == " + plainTextPassword);
System.out.println("boot.properties" + " <username> " + bootProperties.getProperty("username"));
System.out.println("boot.properties" + " <password> " + bootProperties.getProperty("password"));
System.out.println("---------------------------------------------------------------------");
}
catch (Exception e) {
throw (RuntimeException)new IllegalArgumentException("Unable to initialize encryption routines from provided ar
guments").initCause(e);
}
} //end of main
Import private key and certificate into Java Key Store (JKS)
październik 2, 2009 @ 10:01 am (tips, weblogic)
Receipt taken from
http://www.agentbob.info/agentbob/79-AB.html
This method describe how to
Import private key and certificate into Java Key Store (JKS).
firtst you have to convert key in PEM format to DER with openssl
openssl pkcs8 -topk8 -nocrypt -in key.pem -inform PEM -out key.der -outform DER openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER in next step you can kreate keystore with java class below. user@host:~$ java ImportKey key.der cert.der Using keystore-file : /home/user/keystore.ImportKey One certificate, no chain. Key and certificate stored. Alias:importkey Password:importkey
import java.security.*;
import java.io.IOException;
import java.io.InputStream;
import java.io.FileInputStream;
import java.io.DataInputStream;
import java.io.ByteArrayInputStream;
import java.io.FileOutputStream;
import java.security.spec.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Collection;
import java.util.Iterator;
/**
* ImportKey.java
*
* <p>This class imports a key and a certificate into a keystore
* (<code>$home/keystore.ImportKey</code>). If the keystore is
* already present, it is simply deleted. Both the key and the
* certificate file must be in <code>DER</code>-format. The key must be
* encoded with <code>PKCS#8</code>-format. The certificate must be
* encoded in <code>X.509</code>-format.</p>
*
* <p>Key format:</p>
* <p><code>openssl pkcs8 -topk8 -nocrypt -in YOUR.KEY -out YOUR.KEY.der
* -outform der</code></p>
* <p>Format of the certificate:</p>
* <p><code>openssl x509 -in YOUR.CERT -out YOUR.CERT.der -outform
* der</code></p>
* <p>Import key and certificate:</p>
* <p><code>java comu.ImportKey YOUR.KEY.der YOUR.CERT.der</code></p><br />
*
* <p><em>Caution:</em> the old <code>keystore.ImportKey</code>-file is
* deleted and replaced with a keystore only containing <code>YOUR.KEY</code>
* and <code>YOUR.CERT</code>. The keystore and the key has no password;
* they can be set by the <code>keytool -keypasswd</code>-command for setting
* the key password, and the <code>keytool -storepasswd</code>-command to set
* the keystore password.
* <p>The key and the certificate is stored under the alias
* <code>importkey</code>; to change this, use <code>keytool -keyclone</code>.
*
* Created: Fri Apr 13 18:15:07 2001
* Updated: Fri Apr 19 11:03:00 2002
*
* @author Joachim Karrer, Jens Carlberg
* @version 1.1
**/
public class ImportKey {
/**
* <p>Creates an InputStream from a file, and fills it with the complete
* file. Thus, available() on the returned InputStream will return the
* full number of bytes the file contains</p>
* @param fname The filename
* @return The filled InputStream
* @exception IOException, if the Streams couldn’t be created.
**/
private static InputStream fullStream ( String fname ) throws IOException {
FileInputStream fis = new FileInputStream(fname);
DataInputStream dis = new DataInputStream(fis);
byte[] bytes = new byte[dis.available()];
dis.readFully(bytes);
ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
return bais;
}
/**
* <p>Takes two file names for a key and the certificate for the key,
* and imports those into a keystore. Optionally it takes an alias
* for the key.
* <p>The first argument is the filename for the key. The key should be
* in PKCS8-format.
* <p>The second argument is the filename for the certificate for the key.
* <p>If a third argument is given it is used as the alias. If missing,
* the key is imported with the alias importkey
* <p>The name of the keystore file can be controlled by setting
* the keystore property (java -Dkeystore=mykeystore). If no name
* is given, the file is named <code>keystore.ImportKey</code>
* and placed in your home directory.
* @param args [0] Name of the key file, [1] Name of the certificate file
* [2] Alias for the key.
**/
public static void main ( String args[]) {
// change this if you want another password by default
String keypass = “importkey”;
// change this if you want another alias by default
String defaultalias = “importkey”;
// change this if you want another keystorefile by default
String keystorename = System.getProperty(“keystore”);
if (keystorename == null)
keystorename = System.getProperty(“user.home”)+
System.getProperty(“file.separator”)+
“keystore.ImportKey”; // especially this 
// parsing command line input
String keyfile = “”;
String certfile = “”;
if (args.length < 2 || args.length>3) {
System.out.println(“Usage: java comu.ImportKey keyfile certfile [alias]“);
System.exit(0);
} else {
keyfile = args[0];
certfile = args[1];
if (args.length>2)
defaultalias = args[2];
}
try {
// initializing and clearing keystore
KeyStore ks = KeyStore.getInstance(“JKS”, “SUN”);
ks.load( null , keypass.toCharArray());
System.out.println(“Using keystore-file : “+keystorename);
ks.store(new FileOutputStream ( keystorename ),
keypass.toCharArray());
ks.load(new FileInputStream ( keystorename ),
keypass.toCharArray());
// loading Key
InputStream fl = fullStream (keyfile);
byte[] key = new byte[fl.available()];
KeyFactory kf = KeyFactory.getInstance(“RSA”);
fl.read ( key, 0, fl.available() );
fl.close();
PKCS8EncodedKeySpec keysp = new PKCS8EncodedKeySpec ( key );
PrivateKey ff = kf.generatePrivate (keysp);
// loading CertificateChain
CertificateFactory cf = CertificateFactory.getInstance(“X.509″);
InputStream certstream = fullStream (certfile);
Collection c = cf.generateCertificates(certstream) ;
Certificate[] certs = new Certificate[c.toArray().length];
if (c.size() == 1) {
certstream = fullStream (certfile);
System.out.println(“One certificate, no chain.”);
Certificate cert = cf.generateCertificate(certstream) ;
certs[0] = cert;
} else {
System.out.println(“Certificate chain length: “+c.size());
certs = (Certificate[])c.toArray();
}
// storing keystore
ks.setKeyEntry(defaultalias, ff,
keypass.toCharArray(),
certs );
System.out.println (“Key and certificate stored.”);
System.out.println (“Alias:”+defaultalias+” Password:”+keypass);
ks.store(new FileOutputStream ( keystorename ),
keypass.toCharArray());
} catch (Exception ex) {
ex.printStackTrace();
}
}
}// KeyStore
gatherting SSL private key from JKS keystore with java class
październik 2, 2009 @ 9:06 am (tips, weblogic)
Working java class example from page:
http://stackoverflow.com/questions/150167/how-do-i-list-export-private-keys-from-a-keystore
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import sun.misc.BASE64Encoder;
public class DumpPrivateKey {
/**
* Provides the missing functionality of keytool
* that Apache needs for SSLCertificateKeyFile.
*
* @param args <ul>
* <li> [0] Keystore filename.
* <li> [1] Keystore password.
* <li> [2] alias
* </ul>
*/
static public void main(String[] args)
throws Exception {
KeyStore ks = KeyStore.getInstance("jks");
ks.load(new FileInputStream(args[0]), args[1].toCharArray());
Key key = ks.getKey(args[2], args[1].toCharArray());
String b64 = new BASE64Encoder().encode(key.getEncoded());
System.out.println("-----BEGIN PRIVATE KEY-----");
System.out.println(b64);
System.out.println("-----END PRIVATE KEY-----");
}
}X11 forwarding problems
lipiec 6, 2009 @ 11:49 am (komputer, tips)
If you setup X11 forwarding in putty. Then after SSH to server and user change via su then error could ocurr.
Xlib: connection to “localhost:10.0″ refused by server
Xlib: PuTTY X11 proxy: wrong authentication protocol attempted xterm Xt error: Can’t open display: localhost:10.0
To solve, back to oryginal user:
issue:
>xauth list
localhost:10 MIT-MAGIC-COOKIE-1 b31fa494b952390070d409890a314cfb
then on new user:
> xauth add server/unix:10 MIT-MAGIC-COOKIE-1 b31fa494b952390070d409890a314cfb
nieoczekiwane problemy z rozdzielczością Dell SP2309w i NVIDIA 6600GT
czerwiec 28, 2009 @ 11:19 pm (tips)
Na kabalku DVI maksimum jakie można wyciągnać to 1680×1050. Za to na VGA D-SUB rodzielczności do koloru do wyboru.
Natywna rozdzielczość 2048×1152 dla Dell’a SP2309w osiąga bez problemu.
Ustawienie większej rozdzielności na DVI skutkuje stworzeniem wirtualnego dużego ekranu którego wydzimy tylko kawalek w oknie 1680×1050. Co jest dziwne bo zodnie ze specyfikacją DVI – single powinno pójść nawet i 1920×1200 – wtedy dostajemy obraz w rozdzielności VGA.
how to extract part of log
maj 26, 2009 @ 11:21 am (tips)
Simple perl script below gets as arguments
1. Start pattern (could be regexp in single quotes)
2. End pattern (could be regexp in single quotes)
3. File path
It is opening file and prints everything between Start and End pattern.
<code>
#!/usr/bin/perl
die “Usage: start_pattern end_pattern file [$#ARGV]” if $#ARGV<2;
open FI, $ARGV[2] || die “Problem with opening file [$ARGV[2]] [$!]\n”;
$START=$ARGV[0];
$END=$ARGV[1];
$in=0;
foreach (<FI>) {
$in=1 if /$START/;
print $_ if $in;
$in=0 if /$END/;
}
close FI;
</code>
rozmowy z kolegami
maj 19, 2009 @ 8:58 am (londyn)
kaalai vanakkam – dzień dobry po tamilsku. To w zapisie angielskim. Właściwie oznacza to good morning.
CURL and no Cache test throgh proxy
maj 7, 2009 @ 9:55 am (komputer, tips)
i=0; while true; do let i=$i+1; curl -H “Pragma: no-cache” -H “Cache-Control: no-cache” -I -x proxy_host:proxy_port http://site_to_be_tested/index.html; echo $i; sleep 1; done
copying files unde Unix with perms and ACLs (cpio)
kwiecień 23, 2009 @ 12:03 pm (komunikacja, linux, tips)
The easiest way is to use cpio command as tar does not copy ACL from filesystem.
<code>
mkdir /desitnation/folder
cd /source/folder/path
find . -depth -print | cpio -dumpPv /desitnation/folder
</code>
‘-P’ – switch is important – copies ACLs
In other case you have to use hand made script which uses getfacl and setfacl commands.
For permissions processing best would be perl which use ’stat’ – for files properties and chmod/chown commands.
