Import p7b file to Java Keystore using keytool

Step1:

Convert p7b file fomrat to pem format using openssl

command:

openssl pkcs7 -inform der -print_certs -in file.p7b -out file.pem

Step2:

Import generated pem file into JKS file using keytool command

command:

C:\CICD>keytool -import -alias file -keystore filestore.jks -file file.pem

How to unprotect the GitLab branch

 

  How to unprotect the gitlab Branch 

 

Navigate to Project -> settings -> Repository

 

Click on Protected Branches

 

 

 

After unprotect result should be like below.

 

 

Git Reset & Git Hard Reset & undo repo to previous commits

In this article we will see how to perform hard reset on a project repo.  

when developer wants to rollback to previous commits we can follow the below procedure.

Here I am using the repo in gitlab.com.

Create a Sample Project

 

   

 New Project Created with empty repo.

 

 

 

 

 

 

 

 

we can see the list of commits.

Now we can see how to reset the file to commit old  commit:

 

Reset Process using command line:

Step a:

Clone project to your local

Step b:

Run git log command, it shows the list of commits.

command:  git log

 

Step c:

Command: git reset --hard          <commitID>

Step d:

push the latest commit to remote repository.

The above issue will come when we have enabled branch protection.

How to unprotect the Branch: Please refer this link

After unprotecting the branch we are able to push to Master branch.

Step e:

After hard reset now the repo is updated with respective commit.

 

 

 

how to Install Helm

Step1:

Download Script file from repo

curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3

Step2:

Update the run permissions

chmod 700 get_helm.sh

Step3:

Run the script

./get_helm.sh

Install kubectl client in to local ubuntu

Step1:

 curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"

Step2:

chmod +x ./kubectl

Step3:

sudo mv ./kubectl /usr/local/bin/kubectl

Step4:

kubectl version --client

How to push your local project folder to git remote repo

 How to push your local project folder to git

When you have your local project, and if you want to push that to remote git, please follow the below instructions.

step1:

    Navigate to the Project folder. I have my project folder under C:\CICD

    open command prompt --> run 

    cd c:\CICD\exmaplepush

Step2:

    Now we need to run the project initialization command.

    git init

step3:

    add all your local files to the local repo.

    git add * or git add . or git add all

step4:

    Commit all added files to a local folder.

    git commit -m "all files commit"

step5:

    Now add the project to the remote repo.

    git remote add origin <remote_reop folder path>

    ex: https://<git.username>@gitlab.com/<git.username>/exmaplepush

step6:

    In the final step, we are pushing to a remote location.

    git push origin master

how to rename branch in gitlab

git checkout feature
git branch -m feature-backup
git push origin :feature feature-backup
git push origin -u feature-backup

how to change the password for Gitlab user account.

step1:

To Reset gitlab user account password, first, we need to login Ruby on Rails console. To login, This console Run the below command.

gitlab-rails console -e production

step2:

Search for the user, you can search using ID, email, and username.

user = User.where(id: 1).first

step3:

Change the password 

user.password = 'Devops@123'

user.password_confirmation = 'Devops@123'

step4:

Save the changes.

user.save!

Install SOA 12.2.1.4.0

Install Oracle Fusion Middleware Infrastructure

java -jar fmw_12.2.1.4.0_infrastructure.jar -silent  -responseFile /u02/training/12214_wlsinfra.rsp

Step1:

Create a Response File.

[ENGINE]
 
#DO NOT CHANGE THIS.
Response File Version=1.0.0.0.0
 
[GENERIC]
 
#Set this to true if you wish to skip software updates
DECLINE_AUTO_UPDATES=true

#My Oracle Support User Name
MOS_USERNAME=

#My Oracle Support Password
MOS_PASSWORD=<SECURE_VALUE>

#If the Software updates are already downloaded and available on your local system,
#then specify the path to the directory where these patches are available and
#set SPECIFY_DOWNLOAD_LOCATION to true
AUTO_UPDATES_LOCATION=

#Proxy Server Name to connect to My Oracle Support
SOFTWARE_UPDATES_PROXY_SERVER=

#Proxy Server Port
SOFTWARE_UPDATES_PROXY_PORT=

#Proxy Server Username
SOFTWARE_UPDATES_PROXY_USER=

#Proxy Server Password
SOFTWARE_UPDATES_PROXY_PASSWORD=<SECURE_VALUE>

#The oracle home location. This can be an existing Oracle Home or a new Oracle Home
ORACLE_HOME=/u01/app/oracle/fmw/12.2.1.4
 
#Set this variable value to the Installation Type selected. 
#e.g. Fusion Middleware Infrastructure, Fusion Middleware Infrastructure With Examples.
INSTALL_TYPE=Fusion Middleware Infrastructure
 
#Provide the My Oracle Support Username. If you wish to ignore Oracle Configuration Manager
#configuration provide empty string for user name.
MYORACLESUPPORT_USERNAME=
 
#Provide the My Oracle Support Password
MYORACLESUPPORT_PASSWORD=<SECURE VALUE>
 
#Set this to true if you wish to decline the security updates. 
#Setting this to true and providing empty string for
#My Oracle Support username will ignore the Oracle Configuration Manager configuration
DECLINE_SECURITY_UPDATES=true
 
#Set this to true if My Oracle Support Password is specified
SECURITY_UPDATES_VIA_MYORACLESUPPORT=false
 
#Provide the Proxy Host
PROXY_HOST=
 
#Provide the Proxy Port
PROXY_PORT=
 
#Provide the Proxy Username
PROXY_USER=
 
#Provide the Proxy Password
PROXY_PWD=<SECURE VALUE>
 
#Type String (URL format) Indicates the OCM Repeater URL 
#which should be of the format [scheme[Http/Https]]://[repeater host]:[repeater port]
COLLECTOR_SUPPORTHUB_URL=

Cannot retrieve repository metadata (repomd.xml) for repository: ol7_UEKR5

Issue:

Cannot retrieve repository metadata (repomd.xml) for repository: ol7_UEKR5.

Cause:

In Oracle Linux Image its connecting to oracle proxy

Solution:

Disable oracle proxy

vi /etc/yum.conf --> disable the highlighted oracle proxy 


[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=2
#proxy=http://www-proxy.us.oracle.com:80

#  This is the default, if you make this bigger yum won't see if the metadata
# is newer on the remote and so you'll "gain" the bandwidth of not having to
# download the new metadata and "pay" for it by yum not having correct
# information.
#  It is esp. important, to have correct metadata, for distributions like
# Fedora which don't keep old packages around. If you don't like this checking
# interupting your command line usage, it's much better to have something
# manually check the metadata once an hour (yum-updatesd will do this).
# metadata_expire=90m

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d

uninstall kubernetes

How to uninstall Kubernetes completely in Linux?


Method 1:

-->  yum remove kubeadm kubectl kubelet kubernetes-cni kube*

how to change hostname in Oracle Linux

To change hostname in Oracle Linux

Login as a Root user 

vi /etc/hostname

Kubernetes cluster setup in centos

step1:

setenforce 0

step2:

net.bridge.bridge-nf-call-ip6tables =  1

net.bridge.bridge-nf-call-iptables = 1

step3:

vi /etc/fstab

step4:

[root@kubenode1 ~]# cat  /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64

enabled=1

gpgcheck=1

repo_gpgcheck=1

gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

setp5:

yum install –y kubectl kubeadm kubelet docker

yum-config-manager --enable *addons

yum repolist

wget http://yum.oracle.com/public-yum-ol7.repo

mv public-yum-ol7.repo.1 public-yum-ol7.repo

yum-config-manager --enable *addons

yum install docker-engine

step6:

If docker not install

vi  /etc/yum.repos.d/public-yum-ol7.repo

[ol7_latest]

name=Oracle Linux $releasever Latest ($basearch)

baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/latest/$basearch/

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle

gpgcheck=1

enabled=1

[ol7_UEKR4]

name=Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux $releasever ($basearch)

baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/UEKR4/$basearch/

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle

gpgcheck=1

enabled=1

[ol7_addons]

name=Oracle Linux $releasever Add ons ($basearch)

baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/addons/$basearch/

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle

gpgcheck=1

enabled=1

vi  /etc/yum.repos.d/public-yum-ol7.repo

yum-config-manager --enable ol7_addon

systemctl enable docker

systemctl start docekr

systemctl start docker

yum install -y kubelet kubeadm kubectl

systemctl enable kubelet

systemctl start kubelet

kubeadm init –pod-network-cidr=10.244.0.0./16

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml

kubeadm token create --print-join-command

Weblogic WLST connections using SSL

Problem:

When we are connecting to WLST using SSL port, we may get the following error.

        javax.net.ssl.SSLKeyException: Hostname verification failed: HostnameVerifier=weblogic.security.utils.SSLWLSHostnameVerifier, hostname=abchostname.example.com.; No available router to destination.; nested exception is:

        java.rmi.ConnectException: No available router to destination.

Solution:

Start WLST using the  security options.

java -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.security.CustomTrustKeyStoreType="JKS" -Dweblogic.security.TrustKeyStore=CustomTrust -Dweblogic.security.CustomTrustKeyStoreFileName="/u02/oracle/doamins/base_domain/keystores/CustomTrust.jks" weblogic.WLST

Reason Behind the Problem:

the connection to the Admin Server can not be established through SSL because there is no trust between the two components. To fix this some additional arguments need to be added

Convert JKS file to pfx

Conver JKS file to PFX

/opt/java8/jdk1.8.0_162/bin/keytool -importkeystore  -srckeystore  /bea/oracle/wlserver/server/lib/Server_Keystore.jks -srcstoretype JKS  -srcstorepass server -destkeystore /bea/oracle/wlserver/server/lib/SOA_Crypto.pfx -deststoretype PKCS12 -deststorepass server

How to get Windows version using cmd

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

How to create CSR with SANs using keytool

Step1: Generating the Key

keytool -genkey -keystore Identity_trust.jks -storepass srinfosolutions -alias 192.168.0.3 -validity 365 -keyalg RSA -keysize 2048 -dname "CN=192.168.0.3,OU=IT,O=Dell USA L.P.,L=SRInfo,ST=Texas,C=US" ext SAN=dns:192.168.0.4,dns:192.168.0.5

step2 - create request file (.csr) file usinng keytool command 

keytool -certreq -alias 192.168.0.3 -storepass srinfosolutions -keyalg RSA -file certreq.csr -keystore Identity_trust.jks

Domain creation in weblogic 12c

Weblogic domain is an administrative unit on Weblogic Platform.Each domain must have one Administration Server.Administration server will administrate the domain, all the field configurations and deployments will store under Administration server.
Other than administration server all other servers we called as Managed Servers.


Here is the script to create Weblogic Domain

step1: save the below script as domain_creation.py

step2: java $oracle_come/common/bin/wlst.sh domain_creation.py

Note: if java not setup please setup java calss path 

export PATH=java_home path


#=======================================================================================
# Usage: 
#      java weblogic.WLST <WLST_script> 
#
# Where: 
#      <WLST_script> specifies the full path to the WLST script.
#=======================================================================================

#=======================================================================================
# Open a domain template.
#=======================================================================================

readTemplate("/u02/jenkins/oracle12c_r2/mw_home/oracle_home/wlserver/common/templates/wls/wls.jar")

#=======================================================================================
# Configure the Administration Server and SSL port.
#
# To enable access by both local and remote processes, you should not set the 
# listen address for the server instance (that is, it should be left blank or not set). 
# In this case, the server instance will determine the address of the machine and 
# listen on it. 
#=======================================================================================

cd('Servers/AdminServer')
set('ListenAddress','aussoaditapp16.us.dell.com')
set('ListenPort', 25019)

create('AdminServer','SSL')
cd('SSL/AdminServer')
set('Enabled', 'True')
set('ListenPort', 25020)

#=======================================================================================
# Define the user password for weblogic.
#=======================================================================================

cd('/')
cd('Security/base_domain/User/weblogic')
cmo.setPassword('jenkins@domain1')
# Please set password here before using this script, e.g. cmo.setPassword('value')

#=======================================================================================
# Create and configure a JDBC Data Source, and sets the JDBC user.
#=======================================================================================
#set('URL','jdbc:derby://localhost:1527/db;create=true')
#set('PasswordEncrypted', 'PBPUBLIC')
#set('UseXADataSourceInterface', 'false')
#create('myProps','Properties')
#cd('Properties/NO_NAME_0')
#create('user', 'Property')
#cd('Property/user')
#cmo.setValue('PBPUBLIC')

#cd('/JDBCSystemResource/myDataSource/JdbcResource/myDataSource')
#create('myJdbcDataSourceParams','JDBCDataSourceParams')
#cd('JDBCDataSourceParams/NO_NAME_0')
#set('JNDIName', java.lang.String("myDataSource_jndi"))

#cd('/JDBCSystemResource/myDataSource/JdbcResource/myDataSource')
#create('myJdbcConnectionPoolParams','JDBCConnectionPoolParams')
#cd('JDBCConnectionPoolParams/NO_NAME_0')
#set('TestTableName','SYSTABLES')

#=======================================================================================
# Target resources to the servers. 
#=======================================================================================

#cd('/')
#assign('JMSServer', 'myJMSServer', 'Target', 'AdminServer')
#assign('JMSSystemResource.SubDeployment', 'myJmsSystemResource.myQueueSubDeployment', 'Target', 'myJMSServer')
#assign('JDBCSystemResource', 'myDataSource', 'Target', 'AdminServer')

#=======================================================================================
# Write the domain and close the domain template.
#=======================================================================================

setOption('OverwriteDomain', 'true')
writeDomain('/u02/jenkins/domains/jenkins_domain')
closeTemplate()

#=======================================================================================
# Exit WLST.
#=======================================================================================

exit()

How to Disable/Enable ProxyService in OSB 12c

Before 12c in older versions if we want to enable/disable ProxyService we need to login sbconsole.

But in 12c that option moved to EM console.

Here are the steps to enable/disable ProxyService.

1) Login to EM console 

2) Navigate to OSB Project--> Operations tab

3) Select the ProxyService and enable or disable checkbox for state option.

What is DataPower?

IBM WebSphere DataPower SOA Appliances are purpose-built, easy-to-deploy network devices that simplify, help secure, and accelerate your XML and Web services deployments while extending your SOA infrastructure.

IBM WebSphere DataPower Family Suite

1.DataPower XML Accelerator XA35

2.DataPower XML Security Gateway XS40   

                             

3.DataPower Integration Appliance XI50  (Note : XI50 in itself has the capabilities of XS40 and XA35)

                            

4. DataPower GateWay XI52

                           

5.B2B Appliance XB60

6.Low Latency Appliance XM70

 Features of XA35,XS40 and XI50 & XI52 Appliances

1.DataPower XML Accelerator XA35

         1.Accelerates SOA and Web services deployments

         2.Increases performance throughput

         3.Decreases application latency(dormancy)

         4.Reduces cost and complexity

2.DataPower XML Security Gateway XS40

         1.Secures SOA and Web services deployments

         2.Provides comprehensive XML security

         3.Advanced XML firewall and security policy enforcement point functionality

         4.Compliant with most Web services standards

3.DataPower Integration Appliance XI50

         1.Integrates SOA and Web services deployments

         2.Transforms between disparate message formats (binary, legacy, XML, etc.)

         3.Bridges wire line transport-level protocols (HTTP, MQ, FTP, JMS, Tibco EMS, etc.)

4. DataPower Gateway Appliance XI52

        1.Any-to-Any” conversion at wire-speed

        2.Bridges multiple transport protocols        3.Mainframe integration & enablement          

Overview of  XML Accelerator XA35

• Wire speed XML/XSLT/XPath processing – Accelerates XML processing, increasing throughput and decreasing latency for XML-based applications by offloading transformation and other resource-intensive functions
• Schema Validation – Performs XML Schema validation to ensure  incoming/outgoing XML documents are legitimate and properly structured
• XML Compression, XML Caching – Reduces impact of increased XML traffic
• Innovative XML Processing Capabilities — XML Pipeline processing, dynamic content generation, data and forms processing, support for popular XSLT extensions
• SSL Termination/Acceleration – Accelerates SSL with industry-leading hardware further lessening server workload
• Easy Configuration & Administration – Support CLI and WebGUI as well as fully integrated with industry standard IDEs such as Altova XML Spy and Eclipse allowing developers to design, debug and deploy against one single XML and XSLT processor

Overview of XML Security Gateway XS40

• XML/SOAP Firewall – Filter on any content, metadata or network variables
• Data Validation – Approve incoming/outgoing XML and SOAP at wirespeed
• Field Level Security- WS-Security, encrypt & sign individual fields
• XML Web Services Access Control/AAA – SAML, LDAP, RADIUS, etc.
• Multi Step – Sophisticated multi-stage pipeline
• Web Services Management – Service Level Management, Service Virtualization, Policy Management
• Transport Layer Flexibility – HTTP, HTTPS, SSL
• Easy Configuration & Management – WebGUI, CLI, IDE and Eclipse Configuration to address broad organizational needs

Overview of Integration XI50 Appliance

• The DataPower Integration Appliance XI50 model provides transport-independent transformations between binary, flat text files and XML message formats.
• Visual tools are used to describe data formats, create mappings between different formats, and define message choreography.
• The XI50 appliance can transform binary, flat text, and other non-XML messages to help offer an innovative solution for security-rich XML enablement ,ESBs , and mainframe connectivity.
• Any-to-any transformation engine
  The XI50 model can parse and transform arbitrary binary, flat text, and XML messages, including EDI, COBOL copybook, CSV,  and ebXML.
  The technology of the DataPower appliance uses a fully declarative, metadata-based approach.
• Transport bridging
  With support for a wide array of transport protocols, the XI50 is capable of bridging request and response flows to and from protocols such as HTTP, HTTPS, MQ, SSL, IMS Connect, FTP, and more.
• Integrated message-level security
  The XI50 model includes mature message-level security and access control functionality.
  Messages can be filtered, validated, encrypted, and signed, helping to provide more secure enablement of high-value applications. Supported technologies include WS-Security, WS-Trust, SAML, and LDAP.
• Lightweight message brokering
  Sophisticated multi-step message routing, filtering, and processing
  Multiple synchronous and asynchronous transport protocols
  Detailed logging and audit trail, including non-repudiation support

Usage Scenarios for DataPower SOA Appliances

• Securing Web Services :Securely enabling access to back-end system of record for partners and customers and Protecting against XML-borne threats
• Legacy Integration :Connecting mainframe or legacy application to Web services/SOA ,XML-enabling mainframe and legacy systems.(A legacy system is an old technology application program that may or may not remain in use.)
• Hub Mediation :Efficiently transforming, routing, logging messages among applications and Web services
• Enterprise Service Bus (ESB) Deployments : Provide on- and off-ramps to ESBs, manage Web services easily through service-level management, security management, enterprise management console
• Web Portal Acceleration :Speed up rendering for dynamic content generation