Tuesday Dec 11, 2012

Configuring Weblogic Server 10.3.6 from 32-bit mode to 64-bit mode

This post pertains to the configuration of Weblogic Server from 32-bit mode to 64-bit mode on Solaris OS. Just in case, you have WLS 10.3.6 running in 32-bit mode and the JDK being used is installed for 64-bit mode [On Solaris OS, JDK 64-bit installation comprises of installing 32-bit JDK followed by a patch for 64-bit JDK]. 

Verification of the mode being used

One can verify the mode of Weblogic Server in the following ways

  • Either check the commonEnv.sh script located at $MIDDLEWARE_HOME/wlserver_10.3/common/bin where $MIDDLEWARE_HOME refers to the install directory of Middleware. Look for the patterns - SUN_ARCH_DATA_MODEL and JAVA_USE_64BIT in the file. 
    For 32-bit mode, the parameters would appear as shown below
    SUN_ARCH_DATA_MODEL="32"
    JAVA_USE_64BIT=false
  • Check the server console logs; which JDK is being used during start-up
  • By checking which JDK is used by the running process of Weblogic Server

Configuration Steps

  • Take a backup of the commonEnv.sh script located at $MIDDLEWARE_HOME/wlserver_10.3/common/bin where $MIDDLEWARE_HOME refers to the install directory of Middleware
  • Modify the commonEnv.sh script for the following parameters: The values should be 64 and true respectively for 64-bit mode
    SUN_ARCH_DATA_MODEL="64"
    JAVA_USE_64BIT=true 
  • Restart the weblogic server.

One can confirm that the JDK being used is 64-bit by looking at the Weblogic console logs during server start up or by looking at the running process.

Monday Dec 03, 2012

OAM11gR2: Enabling SSL in the Data Store

Enabling SSL in the Data Store of OAM11gR2 comprises of the below mentioned steps.

  • Import the certificate/s required for establishing the trust with the Store(backend) in the keystore(cacerts) on the machine hosting OAM's Weblogic Admin server
  • Restart the Weblogic Admin server
  • Specify the <Hostname>:<SSL port> in the "Location" field of the Data Store and select the "Enable SSL" checkbox

Pre-requisite:-

  • Certificate/s to be imported are available for import
  • Data Store has already been created using OAM admin console and the connection to the store is successful on non-SSL port( though one can always create a Data Store with SSL settings on the first go)

Steps for importing the certificate/s:-

One can use the keytool utility that comes bundled with JDK to import the certificate. The step for importing the certificate would be same for self-signed and third party certificates (like VeriSign)

$JAVA_HOME/bin/keytool -import -v -noprompt -trustcacerts -alias <aliasname> -file <Path to the certificate file> -keystore $JAVA_HOME/jre/lib/security/cacerts

Here $JAVA_HOME refers to the path of JDK install directory

Note: In case multiple certificates are required for establishing the trust, import all those certificates using the same keytool command mentioned above 

One can verify the import of the certificate/s by using the below mentioned command

$JAVA_HOME/bin/keytool -list -alias <aliasname>-v -keystore $JAVA_HOME/jre/lib/security/cacerts

When the trust gets established for the SSL communication, specifying the SSL specific settings in the Data Store (via OAM admin console) wouldn't result into the previously seen error (when Certificates are yet to be imported) and the "Test Connection" would be successful.
About

OIM11gR2 Blog by NA-TAG Offshore IDAM team

Search

Categories
Archives
« July 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today