JBoss Tomcat y WebLogic
Este post ayuda a revisar procesos Java, localizar logs, configurar SSL y realizar comprobaciones basicas en JBoss, Tomcat, WebLogic y WAS.
Revisar procesos Java
1
2
| ps -ef | grep -E 'java|jboss|tomcat|weblogic' | grep -v grep
jps -lv
|
Logs habituales
1
2
3
| tail -f /opt/<APP>/logs/server.log
tail -f /opt/<APP>/logs/catalina.out
tail -f /opt/<APP>/domains/<DOMINIO>/servers/<SERVIDOR>/logs/<SERVIDOR>.log
|
Tomcat: keystore y conector SSL
1
2
3
4
5
6
7
| <Connector port="8443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
SSLEnabled="true"
keystoreFile="/opt/tomcat/conf/app.jks"
keystorePass="<SECRETO>"
clientAuth="false"
sslProtocol="TLS" />
|
JBoss: realm seguro
1
2
3
4
5
| /opt/jboss/bin/jboss-cli.sh --connect
/subsystem=elytron/key-store=httpsKS:add(path=app.jks,relative-to=jboss.server.config.dir,credential-reference={clear-text="<SECRETO>"},type=JKS)
/subsystem=elytron/key-manager=httpsKM:add(key-store=httpsKS,credential-reference={clear-text="<SECRETO>"})
/subsystem=elytron/server-ssl-context=httpsSSC:add(key-manager=httpsKM,protocols=["TLSv1.2","TLSv1.3"])
reload
|
Ciphers
Priorizar TLS moderno y retirar protocolos antiguos:
Evitar cuando sea posible:
1
2
3
4
5
6
7
8
| SSLv2
SSLv3
TLSv1.0
TLSv1.1
RC4
3DES
NULL
EXPORT
|
WebLogic: WLST basico
1
2
3
4
5
| connect('<USUARIO>', '<SECRETO>', 't3://admin.example.local:7001')
domainRuntime()
serverRuntime()
disconnect()
exit()
|
WebLogic datasource
1
2
3
4
5
6
| connect('<USUARIO>', '<SECRETO>', 't3://admin.example.local:7001')
edit()
startEdit()
cd('/JDBCSystemResources/<DATASOURCE>/JDBCResource/<DATASOURCE>')
disconnect()
exit()
|
WAS
1
2
3
| serverStatus.sh -all
stopServer.sh <SERVIDOR>
startServer.sh <SERVIDOR>
|