Sunday, April 5, 2015

Configuring SSL in Apache Web server

 SSL certificates to enable HTTPS.

The following documents the steps required to generate the SSL certificate and install/configure it in Wildfly.

You can get some cheap SSL certificates here: https://www.ssls.com or godaddy.com

First you need to create a CSR (certificate signing request). It’s recommended to use at least a 2048 bit key and you can generate one with the following command:


1  openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.com.key -out yourdomain.com.csr
The output will be similar to the following:

Generating a 2048 bit RSA private key
...............................................................................+++
...........+++
writing new private key to 'yourdomain.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Next answer the questions you are prompted for:

Country Name (2 letter code) [AU]:NZ
State or Province Name (full name) [Some-State]:Canterbury
Locality Name (eg, city) []:Christchurch
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Dark Horse Software
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:yourdomain.com
Email Address []:<a valid email address> (I use ssl@yourdomain.com)

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:<secret password>
An optional company name []:

Finally you are ready to request your SSL certificate. Go and purchase a certificate from any trusted SSL certificate provider. A standard certificate is probably all you need for basic security. I get mine from: https://www.ssls.com.

After purchasing you will need to activate your certificate. Your provider will ask you to copy and paste in the CSR you created above. Copy everything in that file.

~$ cat yourdomain.com.csr
-----BEGIN CERTIFICATE REQUEST-----
<Random characters in here>
-----END CERTIFICATE REQUEST-----

After your certificate is issued download it (and unzip if needed).

<VirtualHost *:443>
    ServerName yourservername
    SSLEngine on
    SSLCertificateFile /etc/httpd/ssl/daebd1197e697cdd.crt
    SSLCertificateKeyFile /etc/httpd/ssl/opentap.in.key
    #modjk mount
   <Location />
      JkMount node1
      Order deny,allow
      Allow from all
  </Location>
</VirtualHost>

Saturday, April 4, 2015

Configuring SSL in JBOSS Wildfly 8

   I’ve just set up a couple of servers running Wildfly 8 and they needed SSL certificates to enable HTTPS. The following documents the steps required to generate the SSL certificate and install/configure it in Wildfly.

You can get some cheap SSL certificates here: https://www.ssls.com or godaddy.com

First you need to create a CSR (certificate signing request). It’s recommended to use at least a 2048 bit key and you can generate one with the following command:


1  openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.com.key -out yourdomain.com.csr
The output will be similar to the following:

Generating a 2048 bit RSA private key
...............................................................................+++
...........+++
writing new private key to 'yourdomain.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Next answer the questions you are prompted for:

Country Name (2 letter code) [AU]:NZ
State or Province Name (full name) [Some-State]:Canterbury
Locality Name (eg, city) []:Christchurch
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Dark Horse Software
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:yourdomain.com
Email Address []:<a valid email address> (I use ssl@yourdomain.com)

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:<secret password>
An optional company name []:

Finally you are ready to request your SSL certificate. Go and purchase a certificate from any trusted SSL certificate provider. A standard certificate is probably all you need for basic security. I get mine from: https://www.ssls.com.

After purchasing you will need to activate your certificate. Your provider will ask you to copy and paste in the CSR you created above. Copy everything in that file.

~$ cat yourdomain.com.csr
-----BEGIN CERTIFICATE REQUEST-----
<Random characters in here>
-----END CERTIFICATE REQUEST-----

After your certificate is issued download it (and unzip if needed). You will also need the CA (Certificate Authority) root bundle. This is basically the SSL certificate providers credentials proving they are trusted. Once you have these you need to create a Java keystore file. This is a two step process. First creating a pkcs12 file from your SSL certificate and then importing that into a keystore file.

Step 1

openssl pkcs12 -export -in yourdomain.com.crt -inkey yourdomain.com.key -out yourdomain.com.p12 -name default -CAfile your_provider_bundle.crt -caname root

Step 2
keytool -importkeystore -deststorepass <secret password> -destkeypass <secret password> -destkeystore yourdomain.com.jks -srckeystore yourdomain.com.p12 -srcstoretype PKCS12 -srcstorepass <secret password used in csr> -alias default

Copy the new keystore file to the your Wildfly configuration directory

sudo cp yourdomain.com.jks /usr/local/wildfly/wildfly-8.1.0.Final/standalone/configuration/


Insert the following into your standalone.xml in the <profile></profile> section.

<subsystem xmlns="urn:jboss:domain:undertow:1.1">
            <buffer-cache name="default"/>
            <server name="default-server">
               <!-- <http-listener name="default" socket-binding="http"/> -->
                <https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>
                <host name="default-host" alias="localhost">
                    <location name="/" handler="welcome-content"/>
                    <filter-ref name="server-header"/>
                    <filter-ref name="x-powered-by-header"/>
                </host>
            </server>
            <servlet-container name="default">
                <jsp-config/>
            </servlet-container>
            <handlers>
                <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
            </handlers>
            <filters>
                <response-header name="server-header" header-name="Server" header-value="WildFly/8"/>
                <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
            </filters>
        </subsystem>

insert the following lines in

<security-realms> </security-realms> section in standalone.xml
<security-realm name="UndertowRealm">
<server-identities>
<ssl>
<keystore path="yourdomain.com.jks" relative-   to="jboss.server.config.dir" keystore-password="<secret password>"/>
</ssl>
      </server-identities>
</security-realm>

Commands for restarting the wildfly

stop command: from wildfly bin dir ./jboss-cli.sh --connect command=:shutdown

Start command: nohup ./standalone.sh

You are done. now you can access the server by https

Installing SVN Repository in Linux

Steps for installing SVN repository installation in linux

1. Update pre-installed software:
# sudo yum update -y

2. If Apache is not installed (guide):
    # sudo yum groupinstall "Web Server" "MySQL Database" "PHP Support"
    # sudo yum install php-mysql
    # sudo service httpd start

3. Install subversion and mod_dav_svn (should see a long list of all changes):
# sudo yum install mod_dav_svn
# sudo yum install subversion

4. Edit the Apache configuration file for subversion:
# sudo vi /etc/httpd/conf.d/httpd.conf
    include the following lines

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so
<VirtualHost *:70>
 <Location /repos>
DAV svn
SVNParentPath /var/www/svn
SVNListParentPath On
SVNPathAuthz On
AuthType Basic
AuthName "Subversion"
AuthUserFile /var/www/svn-auth/passwd
AuthzSVNAccessFile  /var/www/svn-auth/access
Require valid-user
Order deny,allow
Allow from all
  </Location>
</VirtualHost>

5. Modify the DocumentRoot and Listen port
DocumentRoot "/var/www"
Listen 70

6. Create the directory which will contain the subversion repository:
# sudo mkdir /var/www/svn

7. Create the directory which will contain the permissions files.
# sudo mkdir /var/www/svn-auth

Create the permission file:
# sudo vi /var/www/svn-auth/access
And fill it with (replace Eswar, Rajasekar, Simbu with your usernames):
[/]
Eswar = rw
Rajasekar = rw
Simbu = rw

8. Create and add to the password file (use -c the first time to create)
# sudo htpasswd -cb /var/www/svn-auth/passwd Eswar pwd
# sudo htpasswd -b /var/www/svn-auth/passwd Rajasekar pwd
# sudo htpasswd -b /var/www/svn-auth/passwd Simbu pwd

9. Create a repository (REPONAME is the name of your repository eg projectrepo):
    # cd /var/www/svn
    # sudo svnadmin create REPONAME

10. Change files authorization (again after creating new repos too):
# sudo chown -R apache.apache /var/www/svn /var/www/svn-auth
# sudo chmod 600 /var/www/svn-auth/access /var/www/svn-auth/passwd

11. Start apache web server:
    # sudo service httpd restart

Verify the subversion repo by opening in a browser:

http://YOUR_INSTANCE_IP/repos/REPONAME

You are done! Connect via Tortoise svn client using the url above.

Linux Commands

To open bundle zip files :

  delete source        : bzip2 -d file.bz2
  keep the source    : bzip2 -dk file.bz2


To extract the tar files:

     tar -xvf myfile.tar
     tar -xzf myfile.tar.gz

To Check the linux version:

     cat /etc/redhat-release

To find the size of particular file:

      find . -name () -exec ls -l {} \;
      find . -name ReflectionUtil.class -exec ls -l {} \;
      find . -name my.cnf -exec ls -l {} \;

SONAR setup

Please follow below given steps for setting up SONAR in local dev environment:

1. Download Sonar from following link: http://dist.sonar.codehaus.org/sonar-3.5.1.zip
2. Unzip and save the downloaded sonar zip in localfile system.
3. Navigate to sonar bin path for example C:\Softwares\sonar-3.5.1\bin\windows-x86-64
4. Execute StartSonar.bat. In this step sonar is started. leave the comand prompt as it is.
5. Go to  Browser and access  sonar by http://localhost:9000
6. We can login to sonar using the login and password admin:admin
7. Go to Settings->Quality Profiles. Click on "Restore Profile" on the top right and select the            Sonar_Rules.xml which is attached below. Now you should see new Quality Profile "Sonar_Rules".    Set it as default.
8. Go to Settings->Configuration->Exclusions. Add following exclusions to Source File Exclusions section. This is to exclude unnecessary source files in metric calculations.
com/compname/project/**/model/**/*.java
com/compname/project/**/*Constant*.java
com/compname/project/**/*Exception.java
9. Navigate to root of your project path using windows command prompt and run: mvn sonar:sonar - In this step, our project build will be deployed in sonar
10. We can see our project listed on the Home screen. we can see the sonar report generated during ST build 

Creating a jar file in Command Prompt

The following are the steps to create the jar from command prompt
1.  Start Command Prompt.
        Navigate to the folder that holds your class files:
        C:\>cd \myproject
2.  Ignore this step if you already set the java path in environment variables
    To Check if it is already done run the below command
        echo %path
Set path to include JDK’s bin.  For example:
        C:\myproject> path c:\Program Files\Java\jdk1.7.0_25\bin;%path%                            
3.  Compile your class(es):
        C:\myproject> javac *.java
4.  Create a manifest file and your jar file:
        C:\myproject> echo Main-Class: MyMainClass >manifest.txt
        C:\myproject> jar cvfm MyJar.jar manifest.txt *.class
        - c for creating jar
        - v for verbos for displaying jar information on command prompt while jar itself
        - f for jar name
        - m for referring manifiest file                            
5.  Test your jar:
        c:\myproject> java -jar MyJar.jar