Opatch Weblogic patch command

2 – Take backup of /path/weblogic/wls1213 (tarball – tar -cvf wls1213.tar wls1213 ) with app user mkdir  /path/wls1213/OPatch/PATCH_TOP 3. Unzip the patch zip file into the PATCH_TOP. cd /path/wls1213/OPatch/PATCH_TOP $ unzip p27419391_121300_Generic.zip 4. Set your current directory to the directory where the patch is located. $ cd /path/wls1213/OPatch/PATCH_TOP/27419391 4. Run OPatch to apply the patch. […]

BSU patch

1 – View installed: ./bsu.sh -prod_dir=/path/wls1036/wlserver_10.3 -status=applied -view -verbose -log=/tmp/GFWX_bsu_applied.log -log_priority=trace 2 – View: Downloaded: show current patch details which is downloaded and present inside patch_dir ./bsu.sh -prod_dir=/opt/app/bea/wls1036/wlserver_10.3 -status=downloaded -view -verbose -log=/tmp/GFWX_bsu_view_down.log -log_priority=trace – Remove: to avoid conflict PS: You can run step#4 as well as I did earlier and it will give below error […]

Weblogic Setup on VM

Weblogic Setup on VM machine POC: 1 – Set Proxy: 2 – curl -s https://raw.githubusercontent.com/typekpb/oradown/master/oradown.sh | bash -s — –cookie=accept-weblogicserver-server –username=canuj.tomar@gmail.com –password=nailbyter http://download.oracle.com/otn/nt/middleware/12c/12212/fmw_12. 1 – create user wls:wls 2 – get jdk: wget –no-cookies –no-check-certificate –header “Cookie: gpw_e24=http%3a%2F%2Fwww.oracle.com%2Ftechnetwork%2Fjava%2Fjavase%2Fdownloads%2Fjdk8-downloads-2133151.html; oraclelicense=accept-securebackup-cookie;” “https://download.oracle.com/otn-pub/java/jdk/8u191-b12/2787e4a523244c269598db4e85c51e0c/jdk-8u191-linux-x64.tar.gz” 3 – /storage/wls ln -s jdk1.8.0_191 jdk vi .bash_profile PATH=$PATH:$HOME/.local/bin:$HOME/bin:/storage/wls/jdk/bin 4 — mkdir /storage/wls/oraInventory $ […]

Common Issues & Troubleshooting in Weblogic

1 – OOM issues Young Generation : It is place where lived for short period and divided into two spaces: Eden Space : When object created using new keyword memory allocated on this space.   Survivor Space : This is the pool which contains objects which have survived after java garbage collection from Eden space. […]

Checking SSL/TLS connectivity via openssl to verify Poodle Fix

You can use below commands to check on which protocols a particular website responds: Recommended practice is to use only TLS1_1 & TLS1_2 as the enabled protocols on your web/app server. As SSL3 & TLS1 are not that secure now due to various uncovered vulnerabilities. openssl s_client -connect : -<ssl3|ssl2|tls1|tls1_1|tls1_2> openssl s_client -connect localhost:8080 -ssl2 […]

Apache installation & integration with Weblogic on Linux

I. Download from : http://httpd.apache.org/download.cgi II. Install the apache web server in Linux: Step 1: first unzip the file on zip file gunzip httpd-2.0.55.gzStep 2: tar file is open. Untar that filetar –xvf httpd-2.o.55.tarThe file will display httpd-2.o.55Step 3: cd httpd-2.0.55./configure —prefix= \home\Apache2.2\Apachemakemake installThe install is completed.III. Check Apache servers running processes:ps -ef | grephttpd […]

Running Middleware apps with non-root user on privileged ports < 1024 on Solaris

In Solaris 9 and above, non root users can open ports < 1024 with the below command: # su – # /usr/sbin/usermod -K defaultpriv=basic,net_privaddr <userId> Also this needs to be run once by root user, after this user will be able to bind to any available port & there will be no restriction

Heartbleed Bug affecting Weblogic websphere apache & other middleware application / web servers ?

So we all are hearing various news about Heartbleed Bug, so let’s see which of our middleware application servers are affected by this:

Here is an brief review of the Bug -CVE-2014-0160:

“OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability to expose 64k of private memory and retrieve secret keys. An attacker can repeatedly expose additional 64k chunks of memory. This vulnerability can be remotely exploited, authentication is not required and the exploit is not complex. An exploit can only partially affect the confidentially, but not integrity or availability..”

Read more about Heartbleed Bug affecting Weblogic websphere apache & other middleware application / web servers ?