Post

JBoss Tomcat y WebLogic

JBoss Tomcat y WebLogic

JBoss Tomcat y WebLogic

Este post ayuda a revisar procesos Java, localizar logs, configurar SSL y realizar comprobaciones basicas en JBoss, Tomcat, WebLogic y WAS.

Revisar procesos Java

1
2
ps -ef | grep -E 'java|jboss|tomcat|weblogic' | grep -v grep
jps -lv

Logs habituales

1
2
3
tail -f /opt/<APP>/logs/server.log
tail -f /opt/<APP>/logs/catalina.out
tail -f /opt/<APP>/domains/<DOMINIO>/servers/<SERVIDOR>/logs/<SERVIDOR>.log

Tomcat: keystore y conector SSL

1
2
3
4
5
6
7
<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true"
           keystoreFile="/opt/tomcat/conf/app.jks"
           keystorePass="<SECRETO>"
           clientAuth="false"
           sslProtocol="TLS" />

JBoss: realm seguro

1
2
3
4
5
/opt/jboss/bin/jboss-cli.sh --connect
/subsystem=elytron/key-store=httpsKS:add(path=app.jks,relative-to=jboss.server.config.dir,credential-reference={clear-text="<SECRETO>"},type=JKS)
/subsystem=elytron/key-manager=httpsKM:add(key-store=httpsKS,credential-reference={clear-text="<SECRETO>"})
/subsystem=elytron/server-ssl-context=httpsSSC:add(key-manager=httpsKM,protocols=["TLSv1.2","TLSv1.3"])
reload

Ciphers

Priorizar TLS moderno y retirar protocolos antiguos:

1
2
TLSv1.2
TLSv1.3

Evitar cuando sea posible:

1
2
3
4
5
6
7
8
SSLv2
SSLv3
TLSv1.0
TLSv1.1
RC4
3DES
NULL
EXPORT

WebLogic: WLST basico

1
2
3
4
5
connect('<USUARIO>', '<SECRETO>', 't3://admin.example.local:7001')
domainRuntime()
serverRuntime()
disconnect()
exit()

WebLogic datasource

1
2
3
4
5
6
connect('<USUARIO>', '<SECRETO>', 't3://admin.example.local:7001')
edit()
startEdit()
cd('/JDBCSystemResources/<DATASOURCE>/JDBCResource/<DATASOURCE>')
disconnect()
exit()

WAS

1
2
3
serverStatus.sh -all
stopServer.sh <SERVIDOR>
startServer.sh <SERVIDOR>
This post is licensed under CC BY 4.0 by the author.