191 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Reminder - Project WOMBAT - Project Artifact Analyzer for IBM BPM and IBM Business Monitor
Thu, Sep 22nd 2016 114
How can IBM Business Process Manager capabilities be exposed in an internet facing deployment?
Wed, Sep 21st 2016 101
IBM HTTP Server - Securing Cookies
Tue, Sep 20th 2016 108
IBM Operational Decision Manager - Running Decision Center on WebSphere Liberty Profile on Windows
Thu, Sep 15th 2016 37
IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker - And finally
Wed, Sep 7th 2016 26
IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker - And there's more
Tue, Sep 6th 2016 20
CRIMA1209E whilst using IBM Installation Manager from the command-line
Tue, Sep 6th 2016 21
Top 10
Reminder - Project WOMBAT - Project Artifact Analyzer for IBM BPM and IBM Business Monitor
Thu, Sep 22nd 2016 114
IBM HTTP Server - Securing Cookies
Tue, Sep 20th 2016 108
How can IBM Business Process Manager capabilities be exposed in an internet facing deployment?
Wed, Sep 21st 2016 101
IBM HTTP Server / IBM WebSphere Plugin - Using Transport Layer (TLS) 1.2
Tue, Nov 10th 2015 42
java.lang.UnsupportedClassVersionError: JVMCFRE003 bad major version; class=com/davehay/EmployeeServlet, offset=6
Sat, Nov 8th 2014 39
IBM Operational Decision Manager - Running Decision Center on WebSphere Liberty Profile on Windows
Thu, Sep 15th 2016 37
"SECJ0371W: Validation of the LTPA token failed because the token expired with the following info..." - much more useful with WAS 8.5
Wed, Feb 12th 2014 36
WAS - How to clear the WebSphere class caches
Mon, Feb 10th 2014 32
Executing external Python/Jython scripts from within WebSphere Application Server's wsadmin tool
Thu, Feb 27th 2014 30
WebSphere Application Server 8.5.54 and IBM BPM Advanced 8.5.5.0 - Available commands
Sat, Jan 24th 2015 28


Dave Hay
Blog Title A Portal to a Portal
Blog Description In the words of Dr Cathy Ryan, "If you don't write it down, it never happened". The postings on this site are my own and don’t necessarily represent IBM’s positions, strategies or opinions. My blog is PERSONAL, and is a repository of the stuff that I learn, play with, enjoy and want to share. If you follow one of my tips, your mileage MAY well vary - Here be dragons :-)
Blog URL http://portal2portal.blogspot.com
RSS Feed http://portal2portal.blogspot.com/feeds/posts/default?alt=rss
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Sep 22, 2016 3:40:24 PM EST. Realtime Update:
Location UK


Recent Blog Posts
114
Reminder - Project WOMBAT - Project Artifact Analyzer for IBM BPM and IBM Business Monitor
Thu, Sep 22nd 2016 3:38p   Dave Hay
This tool looks at project archives and artifacts and identifies potential troublespots in these applications.IBM WOMBAT - Project Artifact Analyzer for IBM BPM and IBM Business MonitorAnd it runs on Bluemix :-)Plus the forum here: -This community is a way for users and developers of IBM BPM and IBM Business Monitor to interact with the team behind IBM Wombat (aka The Analyzer).
101
How can IBM Business Process Manager capabilities be exposed in an internet facing deployment?
Wed, Sep 21st 2016 1:22a   Dave Hay
This IBM Technote: -Internet facing deployment of IBM Business Process Managerhas the latest ( as of August 2016 ) position on the oft vexing question about using IBM BPM for internet-facing solutions: -QuestionHow can IBM Business Process Manager capabilities be exposed in an internet facing deployment?CauseIntroductionIBM Business Process Manager is a powerful process development platform - designed to allow business analysts to model process flows and user interface elements in a single packa
108
IBM HTTP Server - Securing Cookies
Tue, Sep 20th 2016 4:10a   Dave Hay
The question of secured cookies has arisen recently, where a security penetration test identified a potential risk of cookies being exposed in the clear.Specifically, this relates to cookies that pass through the IBM HTTP Server web server.Whilst one would expect the application tier ( in our case, WebSphere Application Server ) to secure cookies, such as the JSESSIONID cookie: -An even more dangerous yet subtle problem with using the HTTP session for security is that the session cookie (JSESSIO
37
IBM Operational Decision Manager - Running Decision Center on WebSphere Liberty Profile on Windows
Thu, Sep 15th 2016 10:48a   Dave Hay
This is yet another Work-In-Progress, and reflects my current obsession with WebSphere Liberty Profile: -IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on DockerIBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker - And there's moreIBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker - And finallySo today's challenge ( well, it was yesterday but that's not important right now ) was to coach a colleague
26
IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker - And finally
Wed, Sep 7th 2016 12:24a   Dave Hay
Following my earlier two posts: -IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on DockerIBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker - And there's moreI've now added the Decision Service WAR to the Liberty build, allowing me to test my Rule Services via SOAP and REST, providing the Hosted Transformation Decision Service (HTDS) capability.This is what I now have in server.xml : - servlet-3.1 jsp-2.3 jdbc-4.1 appSecurity-
20
IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker - And there's more
Tue, Sep 6th 2016 2:35p   Dave Hay
So following my earlier post: -IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on DockerI noticed that the Rule Execution Server ( Decision Server ) and Rule Team Server ( Decision Center ) capabilities weren't quite working as I'd expected.Given that the original developerWorks article: -Integrate Docker in your IBM Operational Decision Manager environmentwas written for an older version of ODM ( 8.7.1 whereas I have 8.8.1 ), I reviewed the IBM Knowledge Center here
21
CRIMA1209E whilst using IBM Installation Manager from the command-line
Tue, Sep 6th 2016 6:55a   Dave Hay
As ever, I am tinkering with technology …This time, it's the use of IBM Installation Manager (IIM) to install IBM Operational Decision Manager (ODM) 8.8.1 on Linux, via the command-line, rather than using a response file.I'd previously unpacked the ODM media to a temporary directory: -ls -l /Volumes/DaveHaySSD/Software/ODM88/total 14601656-rw-r--r--@ 1 davidhay staff 2545807360 29 Jul 10:22 ODM_8.8.1_FOR_LNX_32_64B_DISK1_ML.tar-rw-r--r--@ 1 davidhay staff 2609827840 29 Jul 10:26 ODM_8.8.
25
To Docker ... And Beyond ....
Tue, Sep 6th 2016 6:19a   Dave Hay
These two articles are on my reading list: -Build and extend Docker container images with middleware functionsTo transition an IT environment to the cloud, enterprises are using container technology, primarily Docker containers. This approach helps to streamline resource consumption and further automate operational processes. At the same time, several services are required to support enterprise-grade business applications, that is, the existing middleware functions. Such services can apply to in
19
Tinkering with WebSphere Application Server v9 - Part Two
Sun, Sep 4th 2016 12:46a   Dave Hay
Following on from my earlier post: -Tinkering with WebSphere Application Server v9 - Part OneI've made much better progress with WAS 9, which is nice :-)So here's my installation response file: -installWAS9.rsp from which I installed the IBM Installation Manager (IIM), WAS and Java binaries: -/tmp/im/tools/imcl -input installWAS9.rsp -acceptLicenseInstalled com.ibm.cic.agent_1.8.5000.20160506_1125 to the /opt/IBM/Installatio
14
IBM Operational Decision Manager - Running it on WebSphere Liberty Profile on Docker
Sat, Sep 3rd 2016 3:49p   Dave Hay
ContextIn this article, I build and run a Docker Container, using an image created using WebSphere Liberty Profile 8.5.5 and IBM Operational Decision Manager Advanced 8.8.1.This is based upon an excellent developerWorks article: -Integrate Docker in your IBM Operational Decision Manager environmentThe major differences are: -(a) I'm running this natively using Docker 1.12.0a on MacOS 11 ( the article used Docker 1.8.1 )(b) using a later version of ODM ( the article used 8.7.1 )As per the articl
23
Docker - Moving Images between Servers
Sat, Sep 3rd 2016 3:43p   Dave Hay
Another in the series of Docker-flavoured articles. I am using Docker on MacOS, and had a requirement to move an image from one host to another.In terms of Docker version, I'm using the native version ( rather than Boot2Docker, VirtualBox etc. ) : -docker version Client: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git commit: 8eab29e Built: Thu Jul 28 21:15:28 2016 OS/Arch: darwin/amd64Server: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git comm
15
Tinkering with WebSphere Application Server v9 - Part One
Sat, Sep 3rd 2016 11:24a   Dave Hay
This is the first of, I'm sure, many posts relating to WAS v9I started by downloading the product from the IBM internal equivalent of Passport Advantage, using this: -V9.0: Download WebSphere Application Server Network Deployment Version 9 from Passport Advantage OnlineHowever, I stupidly ONLY downloaded WAS itself, via the part number: -CND1LMLwithout realising that: -(i) I needed IBM Installation Manager (IIM) 1.8.5(ii) I did NOT have a copy of IIM 1.8.5:-)That was the first problem ….Once
12
Book Review - Mastering Puppet Second Edition by Thomas Uphill
Fri, Sep 2nd 2016 3:09p   Dave Hay
This is another in my infrequent series of book reviews, working in collaboration with the British Computer Society: -Mastering Puppet Second Edition by Thomas UphillI'm currently investing some personal time in getting up-to-speed with some of the fundamental tools of Developer-Operations, aka DevOps, including Docker, UrbanCode Deploy, Git, OpenStack, Jenkins, Chef and, in this context, Puppet.There are, of course, overlaps between some of these tools, so I was interested to get a better unde
16
IBM BPM 8.5.7 - WSVR0009E during startup
Fri, Sep 2nd 2016 8:55a   Dave Hay
I saw this after a clean build of an IBM BPM Advanced 8.5.7 Deployment Environment ( this is a single-server deployment, for an IBM Integration Designer build ): -...[02/09/16 12:39:36:799 BST] 00000001 WsServerImpl E WSVR0009E: Error occurred during startupcom.ibm.ws.exception.RuntimeError: Failed to query the BPM version from database [jdbc/PerformanceDB]. Please check the ffdc log for detail information. For fresh installation scenario, please run the database initialization scripts under
12
More on Docker - this time it's IBM DataPower Gateway
Fri, Sep 2nd 2016 8:11a   Dave Hay
One of my colleagues kindly drew my attention to this nice little set of tutorials, which take one through using the IBM DataPower Gateway (IDG) on Docker: -Start With DockerExperience the CLI and WebUIYour first configurationwhich is excellent, as I'm definitely on the on-ramp for Docker and IBM Containers and, equally importantly, I wanted to learn more about DataPower.Having downloaded the image: -docker imagesREPOSITORY TAG IMAGE ID CREATED
10
IBM Installation Manager - Encoding Passwords
Thu, Sep 1st 2016 10:54a   Dave Hay
I'm creating a response file to install IBM Integration Designer (IID) 8.5.7 on a Windows 7 VM.As part of this, I'm installing DB2 Express under the covers, and need a password for the account to be used as the DB2 administrator.This password needs to be encoded, which I do within the response file.Thankfully, IBM Installation Manager (IIM) has a mechanism to do this: -"c:IBMInstallation Managereclipsetoolsimutilsc.exe" -silent -nosplash encryptString p455w0rdwhich returns this: -ZvkXmP226gF
17
VMware Fusion - Shared Folders and Administrator
Thu, Sep 1st 2016 9:48a   Dave Hay
I was wondering why my VMware Shared Folder ( mounted as Z: ) wasn't available to my Windows 7 VM *BUT* only when opened a command-prompt as Administrator ( via Run As Administrator ).When I logged into the VM, I did so as a non-administrative user.As far as I can establish, under the covers, the Shared Folder is mounted ( using the native Windows Server Message Block - SMB - protocol / drive ).It appears that this means that the drive ( Z: ) is only available to the logged-in user.This may be
13
Moving past Docker on Mac, IBM Containers on Bluemix
Wed, Aug 31st 2016 7:36a   Dave Hay
Having tinkered with WebSphere Liberty Profile on Docker over the past few days, as per recent posts to this blog, I wanted to go one stage further, and recreate a similar WLP / application on IBM Containers, which runs on IBM Bluemix.I'm definitely on the on-ramp for Bluemix, and the learning curve still looks rather steep …But here goes….Download and Install PrerequisitesBluemix_CLI_0.4.1.pkgcf-cli-installer_6.21.1_osx.pkgDockerToolbox-1.12.0.pkg SourcesDeploying your app with the command
14
Docker and Liberty - Scripting it
Tue, Aug 30th 2016 8:30a   Dave Hay
Next, I wanted to create a mechanism to allow me to automate the use of WebSphere Liberty Profile on Docker, with a view to creating a little process to: -(1) Create a Docker container from an existing WLP image(2) Deploy a simple web application ( I'm using Ferret, which is akin to good old Snoop from here )(3) Monitor the WLP logs(4) Run a basic functional test(5) Stop the container once testing has completed(6) Remove the containerso this is with what I came up: -Start a Container and assign
14
WebSphere Liberty Profile on Docker - Where are my logs ?
Tue, Aug 30th 2016 4:21a   Dave Hay
As per previous posts, I'm tinkering with Docker, using WebSphere Liberty Profile as my starting pointOne thing that was confusing me was the lack of Liberty logging ….In "normal" Liberty, the logs are here: -ls -al ~/wlp/usr/servers/defaultServer/logs/total 344drwxr-x--- 5 davidhay staff 170 28 Aug 05:34 .drwxr-x--- 9 davidhay staff 306 27 Aug 10:14 ..-rw-r----- 1 davidhay staff 47608 28 Aug 05:34 console.log-rw-r----- 1 davidhay staff 123862 28 Aug 05:34 messages.logdrw
15
WebSphere Application Server and IBM HTTP Server Security Bulletin List
Tue, Aug 30th 2016 3:17a   Dave Hay
This, via one of my IBM Germany friends QuestionIs there a list that contains the security bulletins that apply to WebSphere Application Server and IBM HTTP Server?AnswerThe following table is provided to help you locate WebSphere Application Server and IBM HTTP Server security bulletins.Note that the IBM Java runtime included with WebSphere Application Server provides an execution environment for non-IBM code. While the below table includes all IBM Java vulnerabilities related to the WebSphere
15
CWWKF1219E: The IBM WebSphere Liberty Repository cannot be reacher
Mon, Aug 29th 2016 4:12a   Dave Hay
This one has been bugging me for a day or so: -docker build -t websphere-liberty:artifactory ....Step 6 : RUN installUtility testConnection ---> Running in 40c4586b857eTesting the connection to all configured repositories ...This process might take several minutes to complete.Configured Repositories----------------------------------------------------------------------Name: IBM WebSphere Liberty Repository (Default Assets Repository)Status: Failed to connect to the configured repository.Reason
13
Microsoft Works 2000 to Microsoft Excel 2003 - LibreOffice has the answer
Sun, Aug 28th 2016 12:54p   Dave Hay
So I've given away the plot, to misquote Kenny Everett … One of my family members had a spreadsheet, which she was struggling to open in Microsoft Excel.Originally, the spreadsheet had been created in Microsoft Works 2000, on Windows 98.Time has moved on ...Now we have Excel, as part of Office 2003, which doesn't appear to have an import filter for Works.The internet was full of solutions, including a less-than-helpful Microsoft article: -Works: How to import and export Works spreadsheets to
23
Jenkins and Chef Compared - Someone else's PoV
Sun, Aug 28th 2016 1:00a   Dave Hay
I'm thinking about DevOps, after a weekend of tinkering with WebSphere Liberty Profile and Docker.So I asked the internet about Jenkins and Chef, and this is someone's PoV: -Jenkins is a continuous integration server, it's goal is to allow you to build and test the software you develop. The main strength of Jenkins are: • Integration with source control (SVN, Git, ...) • Integration with build systems (sometimes thru plugins), e.g. Maven for Java, XCode for iOS development, ... • Worker
22
Error "com.sun.jersey.core.spi.scanning.ScannerException" seen whilst using Artifactory on WebSphere Liberty Profile
Sat, Aug 27th 2016 5:17a   Dave Hay
I'm tinkering with a new (to me) tool, JFrog Artifactory, which is a Universal Repository Manager, on IBM WebSphere Liberty Profile (WLP).My objective is to run Artifactory on WLP within a Docker container.However, I wanted to ensure that it worked on WLP, before adding the additional "complexity" of Docker.This is in line with my "Make a change, test a change" approach to life, the universe, and everything.I'm doing this on my Mac using the latest version of WLP: -wlp-webProfile7-16.0.0.2
16
Internet facing deployment of IBM Business Process Manager
Fri, Aug 26th 2016 11:57p   Dave Hay
This Technote was published yesterday: -Internet facing deployment of IBM Business Process Manager…QuestionHow can IBM Business Process Manager capabilities be exposed in an internet facing deployment?IntroductionIBM Business Process Manager is a powerful process development platform - designed to allow business analysts to model process flows and user interface elements in a single package. In order to achieve this goal, there must be compromises for example in functional scope and programmin
13
IBM MQ - Little Gems
Thu, Aug 25th 2016 7:02a   Dave Hay
This from an IBM guru, Morag Hughson
22
SSL Client Authentication, Certificate Authorisation and IBM HTTP Server
Wed, Aug 24th 2016 3:15p   Dave Hay
ContextTo enable IBM HTTP Server (IHS) to "authorise" incoming requests based upon the "identity" of the client. This goes above and beyond SSL Client ( aka Mutual ) Authentication, where a server will require a client to present a valid certificate which both parties trust.This leverages the SSLClientAuthRequire directive in IHSDetailI tested this using IHS 8.5.5.8 on both Red Hat Linux and IBM AIX, using the Firefox browser in both cases.In the case of Linux, I created a pair of self-signe
14
DSRA8040I and SQL 1060N between IBM BPM and IBM DB2
Wed, Aug 24th 2016 4:57a   Dave Hay
We saw this yesterday: -Caused by: org.springframework.jdbc.CannotGetJdbcConnectionException: Could not get JDBC Connection; nested exception is java.sql.SQLNonTransientException: DB2 SQL Error: SQLCODE=-1060, SQLSTATE=08004, SQLERRMC=DB2USER1, DRIVER=4.19.49 DSRA0010E: SQL State = 08004, Error Code = -1,060Caused by: java.sql.SQLNonTransientException: DB2 SQL Error: SQLCODE=-1060, SQLSTATE=08004, SQLERRMC=DB2USER1, DRIVER=4.19.49 DSRA0010E: SQL State = 08004, Error Code = -1,060[23/08/16 15:00:
19
Apache - SSL/TLS Strong Encryption: FAQ
Wed, Aug 24th 2016 1:51a   Dave Hay
The wise man doesn't give the right answers, he poses the right questions.-- Claude Levi-StraussSSL/TLS Strong Encryption: FAQA teaser from the ToCInstallation • Why do I get permission errors related to SSLMutex when I start Apache? • Why does mod_ssl stop with the error "Failed to generate temporary 512 bit RSA private key" when I start Apache?Configuration • Is it possible to provide HTTP and HTTPS from the same server? • Which port does HTTPS use? • How do I speak HTTPS manually
14
IBM on Docker - My Next Thing
Fri, Aug 19th 2016 11:11a   Dave Hay
I'm looking at a new piece of discovery and self-development, so I'll be digging into Chef, Puppet, UrbanCode Deploy *AND* Docker So this will be required reading: -WebSphere under Docker: from Development to ProductionTL;DR You can now take your Docker images for WebSphere Application Server Full and Liberty Profile into production and get support. We've provided some resources to build production Liberty images and made them available on WASdev GitHub.Integrate Docker in your IBM Operationa
14
Gah, updating Windows 7
Fri, Aug 19th 2016 9:01a   Dave Hay
I keep hitting this one.I've just installed a "new" Windows 7 VM, and was getting annoyed with the lack of Windows Updates.This nailed it for me: -Installing and searching for updates is slow and high CPU usage occurs in Windows 7 and Windows Server 2008 R2which led me to this: -Update for Windows 7 for x64-based Systems (KB3102810)Job's a good 'un
17
IBM Redbooks | Deliver Modern UI for IBM BPM with the Coach Framework and Other Approaches
Fri, Aug 19th 2016 12:11a   Dave Hay
http://www.redbooks.ibm.com/Redbooks.nsf/RedpieceAbstracts/sg248355.html?Open
13
IBM BPM Security Hardening - use a web server
Thu, Aug 18th 2016 12:24p   Dave Hay
This from my IBM colleague, Jens Engelke, is definitely worth reading, bookmarking AND following :-)IBM BPM Security Hardening - use a web serverThis post is part of the IBM BPM Security Hardening series.The first rule of secure communications here is that no end user should ever reach a BPM application server directly. While earlier versions of IBM BPM required end users (at least developers using Process Designer) to access a BPM server via multiple protocols. There was HTTP traffic, EJB traff
13
Active Directory Certificate Services - "The revocation function was unable to check revocation because the revocation server was offline" - or the world's best error message
Tue, Aug 2nd 2016 3:22p   Dave Hay
I saw this: -Active Directory Certificate Services denied request 10 because The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613). The request was for CN=bpm856.uk.ibm.com, DC=uk, DC=ibm, DC=com. Additional information: Error Constructing or Publishing Certificate earlier, whilst trying to issue a SSL certificate using AD Certificate Services: -certreq -submit -attrib "CertificateTemplate:Webserver" bpm856.uk.ibm.com_ihs.
15
IBM Design Thinking - the Who/What/Wow factor
Tue, Aug 2nd 2016 2:18p   Dave Hay
I was Slacking ( that's a verb now ! ) with a friend earlier about IBM Design Thinking, and referenced the Who/What/Wowsourced from the IBM Design Thinking site, which is definitely worth a look-see.
13
Keyboard shortcuts in IBM Notes - revisited
Mon, Aug 1st 2016 8:03a   Dave Hay
Re-using one of my posts from 2008 !!Control Key, Me Control - Anyone want a mouse ???in case I ever forget …..In IBM Notes on Mac OS X, press [cmd][shift][l] to bring up this: -Note that the list is scrollable, and there's a fair few shortcuts there :-)
10
Scripting the shell
Sun, Jul 31st 2016 2:46a   Dave Hay
One of my friends was looking for a mechanism to invoke a script as another user AND pass in a parameter.Challenge, accepted :-)Here's my script: -/home/db2inst1/foobar.sh #!/bin/bashecho "Hello World! from `whoami`"echo "And today's special is " $1 "!!! "exitand here's how I invoke it from another user ( root ): -su - db2inst1 -c '/home/db2inst1/foobar.sh Fish'Hello World! from db2inst1And today's special is Fish !!! su - db2inst1 -c "/home/db2inst1/foobar.sh Beef"Hello World! fr
20
IBM Operational Decision Manager Advanced 8.8.1 - My First Foray
Sun, Jul 31st 2016 1:38a   Dave Hay
I spent a few happy hours implementing ODM 8.8.1 on a Red Hat Linux VM yesterday, and have written up my notes below.Bottom line, this is pretty similar to my experiences with earlier versions ( 8.5, 8.6, 8.7 etc. ) with one exception: -- With 8.8.1, we've now split out the Rules Management Server onto a separate JVM, meaning that we potentially have two clusters and three serversFor this build, I've chosen to deploy Decision Center AND Decision Server; other options exist, of courseHope this
11
IBM Operational Decision Management 8.8.1 - My First Foray
Sat, Jul 30th 2016 2:47a   Dave Hay
I'm writing a post on how I built an IBM ODM Rules environment using the latest ODM Advanced 8.8.1 code.However, I hit a minor blocker early on, with this: -configure: [wsadmin] WASX7209I: Connected to process "dmgr" on node Dmgr using SOAP connector; The type of process is: DeploymentManager [wsadmin] WASX7303I: The following options are passed to the scripting environment and are available as arguments that are stored in the argv variable: "[/opt/IBM/ODM881, /opt/IBM/WebSphere/AppServer
13
Messing about with IPTables
Fri, Jul 29th 2016 2:13p   Dave Hay
I'm NOT a firewall or networking expert, so this is very much YMMV.I wanted to see if/how I could use the out-of-the-box IPTables firewall to block most connectivity to a web server ( IBM HTTP Server ) whilst allowing SSH connectivity and, more importantly, allowing incoming requests from Flush the existing rulesiptables -FAdd a rule to allow SSH connectivity only from a specific interface and host - actually the host VMiptables -A INPUT -i eth0 -p tcp -s 192.168.153.1 --dport 22 -m state --sta
10
IBM BPM Advanced 8.5.5 - Where's the Failed Event Manager ?
Wed, Jul 27th 2016 10:43a   Dave Hay
Clue, it's in the Deployment EnvironmentEasy when you know how :-)
11
Aide Memoire - F5 - Configuration Guide for BIG-IP Local Traffic Management
Wed, Jul 27th 2016 6:18a   Dave Hay
It's here: -Configuration Guide for BIG-IP Local Traffic ManagementConfiguration Guide for BIG-IP Local Traffic Management [PDF]The BIG-IP® local traffic management system is specifically designed to manage your local network traffic. Local traffic management refers to the process of managing network traffic that comes into or goes out of a local area network (LAN), including an intranet.This configuration guide applies to the set of local traffic management products that are part of the BIG-I
14
VMware Fusion - Stuck on "GRUB loading stage2"
Wed, Jul 27th 2016 4:22a   Dave Hay
I had this error: -GRUB loading stage2whilst attempting to boot a F5 BIG-IP Virtual Edition VMNo matter how many times I rebooted, the error kept popping up :-(I'm using VMware Fusion 8.1.1 on OS X 10.11.6.This thread: -Running BIGIP-11.3.0.39 on Oracle VirtualBox under Mac OS 10.9.2helped, specifically this: -Did you enable COM port? What Hypervisor version do you have?Yes, enabling COM Port helped. ThanksOnce I added a virtual Serial Port: -it just worked :-)
11
MQJCA1011 and the story of the missing IBM MQ JMS Provider permissions
Fri, Jul 22nd 2016 10:33a   Dave Hay
We saw this problem earlier this week: -Failed to load the WebSphere MQ native JNI library: 'mqjbnd'. The JVM attempted to load the platform native library 'mqjbnd', which was mapped to the filename: 'libmqjbnd.a'.When attempting to load the library, the JVM reported the error message:'mqjbnd (Not found in java.library.path)'in the context of a failing WebSphere Application Server (WAS) to IBM MQ (MQ) configuration.We found this, whilst trying to debug this: -com.ibm.mq.connector.Detaile
17
Disable desktop notifications for a site
Fri, Jul 22nd 2016 2:55a   Dave Hay
I was getting slightly cross ( hey, I'm British, what can I say? ) with Firefox 47's insistence on asking me whether I REALLY wanted notifications from a site, each and every time I opened or refreshed a page on that site.This had the answer: -Disable desktop notifications for a siteYou can reset this to the default (or outright disallow it) on a per-site basis by right-clicking somewhere in a blank spot of the site (or pressing Ctrl-I on Windows or Cmd-I on Mac) and then selecting "View Page
17
IBM Integration Bus - The names, they are a-changin'
Mon, Jul 18th 2016 9:42a   Dave Hay
So I still struggle to remember that, with IBM Integration Bus 9, the naming conventions inherited from WebSphere Message Broker ( and it's precedents ) have CHANGED.Here's a useful crib: -Name changes in IBM Integration Bus Version 9.0
9
F5 BIG-IP Local Traffic Manager ( LTM ) - Scripting It, Baby
Fri, Jul 8th 2016 10:11a   Dave Hay
Following on from my earlier posts: -F5 Load Balancing - My first few foraysF5 BIG-IP - More learning, more tinkering, more bloggingI've made yet more headway with this fascinating product.I'd referenced this excellent post: -Deploying F5 BIG-IP Virtual Edition on VMware Fusionwhich, in part, included the necessary F5 commands, using the tmsh utility, to set up a pair of network interfaces, some IP addresses and a default route: -tmsh create net vlan external interfaces add { 1.1 { untagged }
11
Ubuntu Linux and the growing file-system
Thu, Jun 30th 2016 4:14p   Dave Hay
A friend asked me how to resize a disk partition ( virtual disk ) in an Ubuntu VM on VMware.This is what I did: -Look at the existing disk layoutdf -kmhFilesystem Size Used Avail Use% Mounted on/dev/sda1 19G 3.6G 15G 20% /none 4.0K 0 4.0K 0% /sys/fs/cgroupudev 478M 4.0K 478M 1% /devtmpfs 98M 1.5M 97M 2% /runnone 5.0M 0 5.0M 0% /run/locknone 489M 216K 489M 1% /run/shmnone 100M 32K 100M
13
WebSphere Application Server 8.5.5.8, TLS 1.2 and DB2
Thu, Jun 30th 2016 2:44p   Dave Hay
It's been a day for old blog posts helping to fix new problems.Today, we saw this: -CWSIS1593I: The messaging engine, ME_UUID=E997A9EFA09498FC, INC_UUID=6DC2A53AD19710D7, has failed to gain an initial lock on the data store.CWSIS1538I: The messaging engine, ME_UUID=E997A9EFA09498FC, INC_UUID=6DC2A53AD19710D7, is attempting to obtain an exclusive lock on the data store.which led me here: -IBM Business Process Manager - Missing the BusHowever the resolution - to sort out the SIB tables - did NOT
9
My Cognos has fallen AGAIN and can't get up
Thu, Jun 30th 2016 2:21p   Dave Hay
We saw this problem: -CAM-CRP-1280 An error occurred while trying to decrypt using the system protection key. Reason: javax.crypto.BadPaddingException: Given final block not properly padded again today, on another IBM Business Monitor 8.5.5.0 environment.Again, it was due to our moving an AIX LPAR from one p780 server to another.So there's something in Cognos that REALLY loves the underlying hardware, assumedly an AES encryption key.Still, the solution was the same - force the Cognos configurat
12
F5 BIG-IP - More learning, more tinkering, more blogging
Fri, Jun 24th 2016 9:34a   Dave Hay
I'm continuing to learn more about the F5, in my quest to really understand how it all works, in the context of solving a tricksy little SSL handshake problem between an LTM and an IBM HTTP Server box.Here's a few commands that I've used: -tmsh show /ltm node----------------------------------------------Ltm::Node: bpm856.uk.ibm.com (192.168.153.200)----------------------------------------------Status Availability : unknown State : enabled Reason : Node add
13
WebSphere Plugin and the Case of the GSK_ERROR_BAD_KEYFILE_PASSWORD
Wed, Jun 22nd 2016 4:01p   Dave Hay
We've seen a few instances , where the WebSphere Plugin fails to communicate, via SSL, with WAS.This manifests itself as Error 500 / HTTP500 when accessing WAS via IHS, using hostname OR service name.Long story short, it looks like the Plugin SSL configuration files are getting "borked" by something.The plugin log shows this: -[22/Jun/2016:13:14:40.16292] 00d3008c 00000001 - ERROR: lib_security: logSSLError: str_security (gsk error 408): GSK_ERROR_BAD_KEYFILE_PASSWORD[22/Jun/2016:13:14:40.16
15
F5 Load Balancing - My first few forays
Wed, Jun 22nd 2016 1:29a   Dave Hay
I'm currently working on a situation whereby HTTPS load-balancing is inconsistently not working against IBM HTTP Server 8.5.5.To help me help the client's network team debug this, I've been tinkering with a F5 Local Traffic Manager (LTM) using VMware Fusion on my Mac.I found a slew of excellent articles on the F5 site including: -Load Balancing 101: Nuts and BoltsLoad balancing got its start in the form of network-based load balancing hardware. It is the essential foundation on which Applicat
11
IBM BPM - Process Center and Unit Test Environment Together
Mon, Jun 20th 2016 8:17a   Dave Hay
This article from 2014: -Creating a stand-alone Process Center profile in IBM BPM, Part 1: Configure a profile for IBM Business Process Manager V8.5 on Windows platformsA stand-alone Process Center profile for IBM® Business Process Manager (BPM) is useful for situations where memory and disk space are limited. Rather than install the Process Center as a network deployment environment with at least three profiles running, plus an additional profile to support the unit test environment server, th
12
Achieve your API strategy with IBM API Connect
Wed, Jun 15th 2016 1:54a   Dave Hay
This from a former colleague of mine, Carlo Marcoli: -To thrive in the API economy, you need to strategize your API approach and create, run, manage, and secure your APIs. With this dedicated focus on APIs, your company can share data and services in an easy-to-consume format. It can also create an ecosystem of partners and third parties that is much greater than the ecosystem you reach by using traditional channels. An effective API strategy treats an API as a business product with a well ident
17
Announced - IBM WebSphere Application Server V9.0
Wed, Jun 8th 2016 8:54a   Dave Hay
Saw this today: -IBM WebSphere Application Server V9.0 delivers the next-generation application infrastructure for modern applications to support seamless portability across hybrid cloud landscapesWebSphere® Application Server V9.0, with its traditional and Liberty run times, continues to offer industry-leading, production-ready, standards-based Java™ EE 7 compliant architecture.Highlights of Version 9.0 include: • Certification to the Java EE 7 Web Profile and Java EE 7 Full Platform for W
12
Webcast - Using IBM UrbanCode with IBM WebSphere to Accelerate Business Transformations
Wed, Jun 8th 2016 8:36a   Dave Hay
As found on Twitter today: -Great news for WebSphere Application Server Administrators, IT Managers, Directors and anyone with challenges associated with deploying applications and configurations to WebSphere Application Server in its traditional version, Liberty or as a Service. IBM UrbanCode Deploy has WAS covered! IBM UrbanCode Deploy can reduce overall cycle times and accelerate time-to-test and time-to-market for clients. In this call, attendees will learn how to accelerate WAS deployments
17
Problems installing IBM Integration Designer - I *MUST* read my own blog
Mon, Jun 6th 2016 4:07p   Dave Hay
I was trying to install IBM Integration Designer 8.5.5 via a response file, and kept finding that the installation failed to complete, and that DB2 Express ( part of the IID WebSphere Test Environment - WTEt ) failed to install.I broke the installation down into its component parts, and tried to simply install DB2: -"c:IBMInstallation Managereclipsetoolsimcl.exe" -input z:tmpiid856installDB2_WIN64.rsp -acceptLicenseThis explicitly failed: -ERROR: Error preparing IBM® DB2 Express 64 bit CRIMC
10
Bulletproof SSL and TLS
Fri, Jun 3rd 2016 3:39p   Dave Hay
This time, it's not a book review, it's a book purchase …I signed up for a free one-week introduction to SSL/TLS, partly to help me cement my understandingSubscribe to my free crash course about everything SSL/TLS and PKIAt the end of it, I decided to purchase the author, Ivan's, book: -Bulletproof SSL and TLSwhich I've just downloaded as an ebook :-)Something for the weekend ….In the meantime, Ivan is available here on Twitter
8
IBM Global Security Toolkit - CTGSK2041W An unsupported modulus size was found.
Fri, Jun 3rd 2016 12:20p   Dave Hay
I'm still tinkering with different ciphers and signature algorithms in IBM HTTP Server, as per this: -IBM HTTP Server, Global Security Toolkit and CTGSK3039Wand hit this today when attempting to create a self-signed certificate using the SHA256WithECDSA Signature Algorithm: -/opt/IBM/HTTPServer/bin/gskcapicmd -cert -create -db /opt/IBM/HTTPServer/ssl/keystore.kdb -stashed -size 2048 -dn "cn=bpm856.uk.ibm.com,dc=uk,dc=ibm,dc=com" -label bpm856.uk.ibm.com_ss -default_cert yes -sigalg SHA256With
12
Fun, Not With Flags, but with Passwords in IBM Installation Manager
Fri, Jun 3rd 2016 8:37a   Dave Hay
I'm installing IBM Integration Designer (IID) 8.5.6 into a Windows VM, as I prepare to write some BPM Advanced SCA/BPEL code ….However, I hit a pesky password problem with DB2, upon which the IID test environment ( BPM Advanced ) depends.This is what I did: -"c:IBMInstallation Managereclipsetoolsimcl.exe" -input z:tmpiid856installIID856.rsp -acceptLicenseand this is what I saw: -ERROR: Error during "install" phase: ERROR: Password is required.Installed com.ibm.integration.designer.v85_8.
10
Microsoft Active Directory - SSL Certificate Request - And what I forgot
Fri, Jun 3rd 2016 8:36a   Dave Hay
I was trying to generate an SSL certificate, signed by Active Directory ( on Windows Server 2008 R2 SP1 ), using the certreq command: - certreq -submit -attrib "CertificateTemplate:Webserver" bpm856.uk.ibm.com_ihs.req bpm856.uk.ibm.com_ihs.cerwhich kept popping up with: -and: -Active Directory Enrollment Policy {2738EA28-25D5-4E51-841F-73F6AEFBB682} ldap:Certificate Request Processor: The system cannot find the file specified. 0x80070002 (WIN32: 2)I couldn't work out what I'd missed … un
19
More on IBM Integration Designer 8.5.5 - "Unable to get property isExists of undefined or null reference"
Wed, Jun 1st 2016 1:52a   Dave Hay
Following this post from last year: -IBM Integration Designer 8.5.5 - "Unable to get property isExists of undefined or null reference"in which I write about the issue of installing IBM Integration Designer (IID) from a shared drive on a Windows server.Most recently, I saw this whilst trying to install IID from a VMware Shared Folder, using VMware Fusion on my Mac, to a Windows 2008 Server R2 VM. I had previously unpacked the installation media into a directory on my Mac, and was hoping to inst
11
IBM HTTP Server, Global Security Toolkit and CTGSK3039W
Tue, May 31st 2016 4:26p   Dave Hay
I have written about this before: -CTGSK3039W Certificate request "ibmbpm.uk.ibm.com" could not be created.More on CTGSK3039W Certificate request "ibmbpm.uk.ibm.com" could not be created.but I continue to learn.This time around, I'm trying to create a Certificate Request using a different Signature Algorithm, SHA256WithECDSA, as follows: -/opt/IBM/HTTPServer/bin/gskcapicmd -certreq -create -db /opt/IBM/HTTPServer/ssl/keystore.kdb -pw passw0rd -label bpm856.uk.ibm.com -dn cn=bpm856.uk.ibm.co
13
DB2 on Windows - SQL1042C An unexpected system error occurred
Mon, May 30th 2016 12:45p   Dave Hay
I see this on Windows: -When I tried to start DB2: -db2startI saw this: -ADM12026W The DB2 server has detected that a valid license for the product "DB2 Express Edition" has not been registered.DB2 : The service has returned a service-specific error code.SQL1022C There is not enough memory available to process the command. SQLSTATE=57011I checked, and, yep, I have no license :-(db2licm -lProduct name: "DB2 Express Edition"License type: "License not
11
Book Review - Swift Essentials Second Edition by Dr Alex Blewitt
Wed, May 25th 2016 1:30a   Dave Hay
This is the latest in my series of relatively infrequent book reviews for the British Computer Society: -Swift Essentials Second Edition by Dr Alex Blewitthttps://www.packtpub.com/application-development/swift-essentials-second-editionAs a non-developer, I was broadly aware of Apple's announcement of Swift at their World-Wide Developers Conference (WWDC) in 2014, and had picked up enough to know that Swift was being actively promoted as an alternative to Objective C for iOS and OS X application
10
IBM WebSphere Application Server for Distributed Platforms, Version 8.5 - Scripting various types of applications
Fri, May 13th 2016 10:50a   Dave Hay
Found this whilst looking for Something Completely Different (TM) IBM WebSphere Application Server for Distributed Platforms, Version 8.5 - Scripting various types of applications [PDF]Example of the ToCChapter 1. Scripting for data access resourcesConfiguring data access with wsadmin scriptingConfiguring a JDBC provider using wsadminConfiguring new data sources using wsadminConfiguring new connection pools using wsadminChanging connection pool settings with the wsadmin toolConfiguring new data
21
IBM BPM Advanced 8.5.7 - CWLLG1356E: At attempt failed to get the current user context
Thu, May 12th 2016 3:22p   Dave Hay
We saw this exception today: -CWLLG1356E: At attempt failed to get the current user context. com.lombardisoftware.client.delegate.BusinessDelegateException: ObjectId password for authorization validation is nullafter an automated ( via UrbanCode Deploy ) build of IBM BPM Advanced 8.5.7 ( specifically a Process Center ).This happened when we hit the Process Center login page ( https://bpmpc.uk.ibm.com/ProcessCenter ), whilst already logged in ( to the Deployment Manager ) as wasadmin.I jumped to
12
Good practice – Use the rolling upgrade option when you update IBM BPM
Thu, May 12th 2016 6:56a   Dave Hay
This came up in a Sametime chat earlier today …In the context of an IBM BPM 8.5.6 Cumulative Fix update, which do we upgrade / patch first - Process Center or connected Process Server(s) ?I thought - and was correct - that we should always start with the Process Servers before patching the Process Center.My Polish colleague, M, confirmed this: -Good practice – Use the rolling upgrade option when you update IBM BPM…If you install IBM® Business Process Manager (BPM) fix packs V7.5.1.2, V8.0
10
Obtaining the WebSphere MQ classes for JMS
Sat, May 7th 2016 10:45a   Dave Hay
This pertains to my current project - debugging a SSL/TLS connection issue between WebSphere Application Server 8.5.5.8 and WebSphere MQ 8.0.0.4 …How do I obtain just the WebSphere MQ classes for JMS JAR files? I want these JAR files to be used with the MQ Light Service in Bluemix, or to be deployed into a software management tool, or to be used with standalone client applications in my company.Obtaining the WebSphere MQ classes for JMSOnce I've debugged the problem - com.ibm.mq.MQException:
11
IBM Integration Bus v10 Self-Enablement
Sat, May 7th 2016 9:37a   Dave Hay
I found this whilst searching for something completely different ….IBM Integration Bus v10 self study labs update (April 2016)Some IBM® Integration Bus V10 betaworks labs have been updated or are new for IIB 10.0.0.4. The latest list of labs can be found on the Resources > Integration Bus > Self-study labs page. Each lab comprises instruction guides as PDF files, and is usually accompanied by an archive file (.zip file) that you can use to complete the lab activities. These self study l
14
IBM BPM 8.5.7 - What's Not To Learn ?
Fri, May 6th 2016 1:17p   Dave Hay
So we have Videosand specifically this ( on YouTube ): -Getting Started with Process Federation in IBM BPM 8.5.7
6
IBM Training Site - Looking Delicious
Mon, May 2nd 2016 1:50p   Dave Hay
IBM Training and SkillsWhat IBM Skills Do You Want To Learn Today?
6
WebSphere Application Server - Converting Internal CA Certificates from one Signature Algorithm to Another
Sat, Apr 23rd 2016 6:33p   Dave Hay
I have a need to switch my internal WAS cell-default certificates ( root, default etc. ) from one Signature Algorithm ( SHA1 ) to another ( SHA256 )We have an app ^H^H^H tool for that.Here's my journey: -Start WSAdmin/opt/IBM/WebSphere/AppServer/profiles/PCDmgr01/bin/wsadmin.sh -lang jython -user wasadmin -password passw0rdConvert Certificates to SHA256withRSAAdminTask.convertCertForSecurityStandard('[-fipsLevel SP800-131 -signatureAlgorithm SHA256withRSA -keySize 2048 ]')Save and SyncAdminCo
6
WebSphere User Group, IBM South Bank, Monday 25 April 2016
Fri, Apr 15th 2016 8:27a   Dave Hay
We are pleased to confirm that the next meeting of the WebSphere User Group (UK) will take place on Monday 25th April 2016, to be held in the IBM Client Centre at IBM South Bank, London. There will be no charge for this meeting and as usual we aim to have an excellent agenda lined up, covering a range of current and emerging WebSphere technologies.Provisional AgendaFor the most recent agenda, logistics and registration, please visit the WUG website here.Hope to see you there - I'll be speaking
7
MacBook Pro and USB - Interesting Quirkiness
Wed, Apr 13th 2016 3:35p   Dave Hay
I'm using a MacBook Pro: -I've seen this a few times: -034378.680514 SSP4@14700000: AppleUSB30XHCIPort::resetAndCreateDevice: failed to create device after (1) tries, disabling port034414.624087 SSP4@14700000: AppleUSB30XHCIPort::resetAndCreateDevice: failed to create device after (1) tries, disabling port034416.245827 SSP4@14700000: AppleUSB30XHCIPort::resetAndCreateDevice: failed to create device after (1) tries, disabling port037923.490801 SSP1@14500000: AppleUSB30XHCIPort::resetAndCreateDe
5
WebSphere Application Server - Managing the Service Integration Bus using Python
Wed, Apr 13th 2016 2:55p   Dave Hay
A friend asked me: -Hi Dave -- do you know the AdminConfig.getid(type:scope) to get a SIBus engine? not sure what type and scope need to be passed in It took me a wee while, but I shared this: -for bus in AdminTask.listSIBuses().splitlines(): name=AdminConfig.showAttribute(bus, "name") print AdminConfig.getid("/SIBus:"+ name) which results in: -BPM.PCCellDe1.Bus(cells/PCCell1/buses/BPM.PCCellDe1.Bus|sib-bus.xml#SIBus_146
14
IBM WebSphere Plugin - GSK_ERROR_BAD_CERT and GSK_INVALID_HANDLE after an upgrade
Tue, Apr 12th 2016 1:25a   Dave Hay
During a recent transition from SHA1 to SHA2 signature algorithms *AND* an upgrade from WebSphere Application Server (WAS) 8.5.5.4 to 8.5.5.8, we hit an interesting challenge yesterday.We're using IBM HTTP Server (IHS) and the WebSphere Plugin on one AIX LPAR, fronting IBM Integration Bus (IIB) on another LPAR.We've got a set of IIB flows, all of which are being offered up via IHS through the WebSphere Plugin configuration.Once the 8.5.5.8 upgrade ( including IHS and Plugin ) was completed, we
5
IBM Business Monitor - CWMAX4203E: RESTSecurityAdminMBean instance was not found
Fri, Apr 8th 2016 8:14a   Dave Hay
I saw this error earlier: -CWMAX4203E: RESTSecurityAdminMBean instance was not found.whilst checking my Monitor models, in IBM Business Monitor 8.5.5, after making some SSL/TLS related changes between WebSphere Application Server (WAS) and DB2.I saw this when I navigated to Applications > Monitor Models.This caused me to briefly panic.Thankfully, I found that someone had seen a similar issue, documented in a Problem Management Report (PMR).For context, in order to make my configuration change
6
Book Review - The Purpose of Change is Problem Solving
Wed, Apr 6th 2016 4:13p   Dave Hay
This is the latest in my series of relatively infrequent book reviews for the British Computer Society: -The Purpose of Change is Problem SolvingI chose this book mainly based upon the title, to which I related as aninveterate solver of problems.Whilst the book is absolutely about problem solving, it wasn't quitewhat I expected. In this book, the author, Janos Korn, digs deeply intothe use of language, including semantics, natural language andstructure.Thus I found the book to be of somewhat li
8
My Cognos has fallen and can't get up
Tue, Apr 5th 2016 8:21a   Dave Hay
Purely FYI, in case you hit this problem, someone (!) managed to break my IBM Business Monitor 8.5.5 installation over the weekend, most likely when the underlying AIX LPARs were shut down and moved from one physical box to another.I saw a bunch of nasty exceptions in the Cognos instance pogo logs: - 2016-04-05 09:21:54.467 FATAL [.authorization.AuthorizationAdapterFactory] Thread-95: Unable to initialize the Access Control Modulecom.ibm.cognos.internal.camaaa.accesscontrol.AccessControlExceptio
8
Oops, my WAS upgrade broke my TLS
Wed, Mar 30th 2016 2:11p   Dave Hay
I saw this earlier today: -[30/03/16 11:35:53:371 BST] 00000001 ORBRas E com.ibm.ws.orbimpl.transport.WSTransport createServerSocket P=152627:O=0:CT ORBX0390E: Cannot create listener thread. Exception=[ org.omg.CORBA.INTERNAL: CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_SERVER_SOCKET, Exception=java.lang.IllegalArgumentException: Cannot support SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 with currently installed providers vmcid: 0x49421000 minor code: 77 completed: No - received while attempting t
5
Thycotic - Good insight into SSL/TLS
Mon, Mar 28th 2016 1:48p   Dave Hay
I found this: -SSL: Beyond the BasicsSSL: Beyond the Basics Part 2: CiphersSSL: Beyond the Basics Part 3: CertificatesSSL: Beyond the Basics Part 4: Strict Transport Securitywhilst doing some research into the SSL/TLS ciphers supported by various versions of Windows.Whilst I was specifically reading Part 2, the complete set of articles is definitely something to which I'm going to return and return.Nice job, Thycotic.
17
Error handshake_failure seen when connecting to WebSphere Application Server using SOAP over HTTPS
Sat, Mar 26th 2016 12:50p   Dave Hay
I saw a bunch of SSL-related errors when attempting to use / access the WebSphere Application Server SOAP-based administration service: -/opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/wsadmin.sh -lang jython -user wasadmin -password passw0rd -host `hostname` -port 8879 including: -...WASX7023E: Error creating "SOAP" connection to host "bpm856.uk.ibm.com"; exception information: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client;
7
Using OpenSSL to generate personal certificates on Mac OS X and Windows
Sat, Mar 26th 2016 12:49p   Dave Hay
Following on from a previous post: -IBM HTTP Server - Tinkering with SSL Client Authenticationand, from my ongoing voyage of discovery this weekend: -MacGenerate Private Keyopenssl genrsa -out ~/macintosh.uk.ibm.com.key 2048Create Certificate Service Requestopenssl req -new -sha256 -key ~/macintosh.uk.ibm.com.key -out ~/macintosh.uk.ibm.com.csrGenerate Personal Certificate using Certificate Service Request ( on Windows Server 2008 R2 )certreq.exe -submit -attrib "CertificateTemplate:User" maci
17
"javax.net.ssl.SSLHandshakeException: no cipher suites in common" seen in WebSphere Application Server Node Agent logs
Sat, Mar 26th 2016 12:16p   Dave Hay
Following hot on the heels from my last post: -Error handshake_failure seen when connecting to WebSphere Application Server using SOAP over HTTPSI started seeing: -…[26/03/16 15:38:45:206 GMT] 00000048 SSLHandshakeE E SSLC0008E: Unable to initialize SSL connection. Unauthorized access was denied or security settings have expired. Exception is javax.net.ssl.SSLHandshakeException: no cipher suites in common…Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common…[26/03
9
IBM HTTP Server - Tinkering with SSL Client Authentication
Fri, Mar 25th 2016 4:11p   Dave Hay
I'm tinkering with so-called Mutual Authentication (MA) between various middleware components, from browser through to back-end WebSphere Application Server (WAS).Here's what I'm reading: -Client authenticationIBM HTTP SSL Server Questions and AnswersSSL DirectivesI'm also referencing this: -The Most Common OpenSSL Commandsas I'm using openSSL to create personal device certificates etc. to allow a client browser to MA to IHS: -Generate a Private Key on my Macopenssl genrsa -out ~/macintosh.
5
Java EE, the next inception: A primer to WebSphere Liberty for Java EE developers
Thu, Mar 24th 2016 2:20p   Dave Hay
I saw this on Twitter and wanted to reshare: -Java EE, the next inception: A primer to WebSphere Liberty for Java EE developersLearn the basics of how IBM® WebSphere® Application Server Liberty profile works, and how its architecture differs significantly from that of older Java™ EE application servers. This background will be helpful for understanding how to install a local Java EE application development environment using Eclipse and Liberty, as well as how to deploy Liberty applications.S
5
Virtual Proof of Technology: Highlighting new Features of WebSphere Liberty for 1Q 2016 - 30 March 2016
Mon, Mar 21st 2016 8:53a   Dave Hay
A new edition of our Virtual Proof Of Technology (VPOT) Series for IBM® WebSphere® Liberty will again be offered in 1st Quarter. We will briefly cover the primary benefits of WebSphere Liberty, and show how it provides your path to Hybrid Cloud for Java applications. We will show why Liberty is an ideal runtime for new microservices applications, and then drill down into the new enhancements in Liberty V 8.5.5.8 available since December, 2015, and Liberty V8.5.5.9 planned to be available on Ma
5
IBM Connections Metrics - Updated
Sun, Mar 13th 2016 3:58a   Dave Hay
This came up in discussion on Friday.I revisited a personal blog post from early 2012: -IBM Connections - Reporting and Metricsand validated the metrics URLs for Connections 5 on w3: -Activitieshttps://w3-connections.ibm.com/activities/service/html/servermetricsBlogshttps://w3-connections.ibm.com/blogs/roller-ui/servermetrics.do?lang=en_usBookmarkshttps://w3-connections.ibm.com/dogear/toolbox/servermetrics?lang=en_usCommunitieshttps://w3-connections.ibm.com/communities/service/html/servermetrics
9
IBM BPM Advanced - Process Inspector, no go-go
Thu, Mar 10th 2016 2:08p   Dave Hay
I saw this: -The attempt to establish a secure connection to the server has failed. See SSL fails when host name configuration fails for details.when attempting to access Process Inspector, via Process Admin, in IBM BPM Advanced 8.5.5.I also saw this: -[09/03/16 09:17:07:483 GMT] 00000137 BPMInspectorR W Exception during request processing:javax.servlet.ServletException: com.ibm.processinspector.rest.ProcessAdminRestException: The attempt to establish a secure connection to the server has fail
9
openSSL on Windows - random lack of state
Thu, Mar 10th 2016 1:27p   Dave Hay
I saw this exception: -unable to write 'random state'whilst trying to use openSSL on Windows.I was trying to convert a CA-signed personal certificate ( and the corresponding private key ) into a PKCS12 file, in order to import the same into Firefox.Thankfully Google drew me to this: -Using openssl what does "unable to write 'random state'" mean? [closed]which led me to a solution.I was running the openSSL tool via a Windows command-prompt ( terminal ) session but was NOT running it as an a
6
Advanced database support for IBM Business Process Manager (BPM) Standard, IBM Business Process Manager Advanced, and IBM Business Monitor on distributed platforms
Thu, Mar 10th 2016 1:20a   Dave Hay
I had occasion to reference this earlier: -QuestionWhich advanced configurations of IBM DB2, Oracle, and Microsoft SQL Server databases are supported for the IBM Business Process Manager and IBM Business Monitor products?AnswerThis document outlines which configurations of IBM DB2, Oracle, and Microsoft SQL Server databases are supported for IBM Business Process Manager and IBM Business Monitor. In this document, the following information is available: • Database independent limitations • IB
12
Playing with Veertu on the Mac
Tue, Mar 8th 2016 8:07a   Dave Hay
I heard about Veertu on a recent British Tech Network Mac podcast and have been tinkering with it on and off since.From their website: - • Run Windows and Linux on your Mac. • Fast, light and secure. • The only virtualization solution approved by Apple App Store.The free-to-use version only allows one to create VMs by downloading the "raw" ISOs from the internet: -Therefore, I chose to download/install CentOS Linux.One thing that caught me out was that, having chosen a minimal installati
7
IBM BPM 8.5.6 - Scrabbling with Snapshots
Tue, Mar 8th 2016 4:14a   Dave Hay
As part of a BPM Advanced 8.5.6 build, I wanted to be able to test the creation/deployment of a Process Application snapshot from a Process Center to a Process Server.I used this: -Creating a processas an aide memoire to remind me how to create a Process Application in Process Designer ( it's been a while ).Having finished testing, I archived and deleted the snapshot from Process Center.However, I also wanted to do the same for Process Server, rather than leaving my stuff lying about :-)This is
7
Trumpet Blowing - The Andy and Dave Show at InterConnect 2016
Wed, Mar 2nd 2016 2:59p   Dave Hay
My frolleague, Andy Garratt, and I co-presented at InterConnect in Vegas last week, and our materials have just been posted: -BBP-1291: Avoiding Dysfunctional Processes: Why Non-Functional Requirements are Vital to BPM Success [PDF]Smarter Process Discovery and Design focuses on the people, the systems, and how to make the process Smarter; that is, the functional requirements. But this is only half the story. Neglecting non-functional Requirements (NFRs) upfront can lead to big problems later on
7
More about BPM and Scalability from InterConnect 2016 - Or, someone has a deck for that :-)
Wed, Mar 2nd 2016 1:47p   Dave Hay
BBP-2974: Best Practices for IBM BPM Platform OperationsBBP-3194: How to Build Scalable and Resilient Enterprise-Class BPM Solutions PEJ-1152: Planning for Catastrophe: WebSphere Application Server and IBM BPM Disaster RecoveryBTB-2581: Smarter Process TopologiesPS These links are all PDFs, and were sourced here: -https://www-950.ibm.com/events/global/interconnect/sessions/ipresentations.html
7
InterConnect 2016 - Planning for Catastrophe with IBM WebSphere Application Server & IBM Business Process Manager - Tom Alcott and Chris Richardson
Tue, Mar 1st 2016 6:55a   Dave Hay
From the InterConnect site: -https://www-950.ibm.com/events/global/interconnect/sessions/ipresentations.htmlwe have this: -Planning for Catastrophe with IBM WebSphere Application Server & IBM Business Process Manager [PDF]Definitely worth a read …...
9
WAS - Looking at Ciphers
Mon, Feb 29th 2016 10:49a   Dave Hay
I was interested in the list of SSL/TLS ciphers available, once I switched to TLS 1.2 and the unrestricted JRE ciphers.This is how I can find out what WAS is offering: -cellID = AdminControl.getCell()print AdminTask.listSSLCiphers('[-sslConfigAliasName CellDefaultSSLSettings -scopeName (cell):'+cellID+' -securityLevel HIGH ]')SSL_RSA_WITH_AES_128_CBC_SHASSL_RSA_WITH_AES_256_CBC_SHASSL_DHE_RSA_WITH_AES_128_CBC_SHASSL_DHE_RSA_WITH_AES_256_CBC_SHASSL_DHE_DSS_WITH_AES_128_CBC_SHASSL_DHE_DSS_WITH




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition