Tuesday Dec 22, 2009

Importing the Root CA Certificate for Secure OpenSSO Rainbow Connections

When configuring OpenSSO for a scenario that involves a secure connection (SSL or LDAPS) and multiple JVMs, you need to import the root CA certificate into the JVM trust store (by default JAVA_HOME/jre/lib/security/cacerts) and restart the OpenSSO web container before performing any configurations.

For example, to configure a second instance of OpenSSO in a defined Site (when the first instance of OpenSSO is SSL-enabled), the root Certificate Authority (CA) certificate for the first OpenSSO server certificate must be imported into the JVM key store of the web container in which the second instance of OpenSSO is deployed. (Restart the web container of the second instance after the import.)

An example of a command to import a root CA certificate to this key store is:

keytool -import -v -alias alias -keystore JAVA_HOME/jre/lib/security/cacerts -storepass changeit -file CAcert.crt

Use the following command to verify that the root CA certificate was imported correctly.

keytool -list -keystore JAVA_HOME/jre/lib/security/cacerts -storepass changeit

Now enjoy a secure Rainbow Connection with Deborah Harry and Kermit the Frog.

Monday Aug 03, 2009

Don't Stop Believin' in the OpenSSO Public Javadoc

I was contacted by an OpenSSO engineer last week who wanted to know where she could get the latest Java API Reference documentation - that's the real name for the untrademarked Javadoc. I was surprised at the request because I thought anyone who was anyone in the community knows that the Java API Reference is available in the nightly build (and has been for a while). So, for others who might not know, here is how to open and display the public Java API Reference from opensso.zip.
  1. Download opensso.zip.
  2. Decompress opensso.zip.
    The files are unzipped into the opensso directory.
  3. Change into the /opensso/docs directory.
  4. Decompress opensso-public-javadocs.jar.
    jar xvf opensso-public-javadocs.jar
  5. From a local browser, choose File -> Open File.
  6. Navigate to the docs folder from within the Open File window.
  7. Select index.html to open in the browser window.
    index.html is the public home page for the Java API Reference.
Because of the ease with which you can now access them, the Java API Reference will no longer be published as part of the documentation set for releases of OpenSSO. So remember this procedure!

How many thought I might be linking to Journey's Don't Stop Believing? I could've even used the version from Glee. Well, I'm not that predictable. (Note the spelling of believin'.) Here is Olivia Newton-John singing the tune that kept my spirits up as I failed two tests for my driver's license in 1975 and waited to take the third. I listened to this for days before that final test. I didn't stop believin', passed the third test and having been driving offensively ever since.

Tuesday Oct 30, 2007

Javadoc is a Tool - Not a Document

This morning I innocently answered an email from a colleague who was referring to the Access Manager Java API documentation as JavadocTM (without the trademark but this is the first use of the term in this entry outside of the header). In my reply I referred back to the Java API documentation as JavaDocs. In the reply back to me, I was chastised (in a kindly manner) for using the term JavaDocs and not Javadoc. I, of course, had to defend my honor. Here was my reply:

Don't get me started on this one. OK, you did.

Javadoc is the tool that is used to generate the HTML pages that when viewed as a piece are often referred to, incorrectly, as Javadoc. These HTML pages should not be referred to as Javadoc, Javadocs, JavaDocs, or anything remotely spelled as such. Javadoc is a trademarked name for a piece of software. You'll notice that since this was discovered by me the name given to these HTML pages in our doc sets (and registered as such in pubstool) is the Java API Reference. And if you click that link in the AM 71 doc set and see the generated HTML pages you'll note that the word Javadoc is nowhere to be found. As for the link you sent, here is the first sentence:

Javadoc is a tool for generating API documentation in HTML format from doc comments in source code.

But no one listens to me.

Hey, I think I just wrote today's blog entry.

In 2002, we decided to publish the engineering comments generated using the Javadoc tool for Identity Server 6.0. This was new territory as no other documentation team was publishing these pages yet. I was given the task of editing these comments and filing bugs against them when necessary. In my research, I found out about the trademark and common misuse of the term Javadoc and brought it up at our team meeting. For the February 2004 release, Access Manager 6 2005Q1, we renamed the book as the Java API Reference. In fact, we liked the name so much that in our next release we renamed the guide that discussed the C API, the C API Reference.

As for why I used the term JavaDocs in my reply: it was internal email to a small group who had already used the term. I was innappropriately cutting keystrokes.

Not that there's anything wrong with that.



« July 2016