SSL
Sunday, October 12th, 2003Handy: http://www.openssl.org/docs/HOWTO/certificates.txt
Also: http://www.openssl.org/docs/HOWTO/keys.txt
openssl genrsa -des3 -out server.key
openssl req -new -x509 -key server.key -out server.crt -days 1000
Handy: http://www.openssl.org/docs/HOWTO/certificates.txt
Also: http://www.openssl.org/docs/HOWTO/keys.txt
openssl genrsa -des3 -out server.key
openssl req -new -x509 -key server.key -out server.crt -days 1000
I finally ran that power line from the server closet to the switch in the garage and mounted a box and power socket on the wall. Then I moved the UPS to the server closet and plugged it in there resulting in a UPS driven outlet in the grage for the switch. I also mounted a box for the CAT 5 faceplate, ran the cables through the hole, punched them down to the jacks agan and mounted them back on the faceplate. It looks pretty nice. Now all I need is a small shelf for the switch.
Making progress on the SSL. Got to configure with –enable-ssl and make sure OpenSSl development is there. Had to add the include for kerberos too. There’s an SSL example conf file in the docs directory. May try later.
set CPPFLAGS=-I/usr/kerberos/include before ./configure to tell the complier where to find the kerberos headers.
Google Groups: View Thread “Apache 2 and SSL”
Installations really need to be viewed in two ways:
1. Cells: ./WebSphere/DeploymentManagerN where N is the cell number and 1 may be optional or the undecorated directory may be left for unmanaged cells
2. Nodes: ./WebSPhere/AppServerM where M is the node number on that disk (usually also machine but not necessarily so.
There is no necessary relationship between M and N. A node may stand alone or belong to any cell we wish. Perhaps there needs to be a standard here? No deployment manager on a machine that has a node federated to another cell. It would not allow for the cross coverage of cells on hardware. I’m not sure why I want that,. Here’s a scenario:
Machines A1, A2 and A3 belong to cell C1. Machines B1, B2 and B3 belong to cell C2. The deployment managers for these celss are on nodes A1 and B1. The loss of A1 or B1 denies us management capability of cell C1 or C2.
Assuming web server redundency, I still have 2/3 application coverage for the failed cell and still have failover coverage assuming volume can be accomodated. I can’t add more nodes to the cell without fiddling with the plug-in and other configs manually. If B1, B2 and B3 have secondary nodes federated to A1 and thus members of C1, I have backup capacity to handle load, but can I leave them inactive and start them (from the node agent with wsadmin?) while A1 is unavailable?