Sunday, 13 August 2017

Ansible - Tomcat installation deployment and removal playbook

Pre-requisite
  • Ansible is 2.3.1.0 installed in Linux (RHEL)

Tomcat Instllation and Deployment Playbook
  • Inventory File (inventory.txt)
  • [hosts]
    licremmt06.gl.avaya.com http_port=8080
    licremmt07.gl.avaya.com http_port=8080

  • Tomcat Installation Playbook (tomcat-install.yml)
---
- hosts: all
  tasks:
    - name: Make sure that we can connect to the machine
      ping:

    - name: add group "tomcat"
      group: name=tomcat

    - name: add user "tomcat"
      user: name=tomcat group=tomcat createhome=yes
      become: true

    - name: copy Tomcat
      copy: src=./apache-tomcat-8.5.16.tar.gz dest=/opt/apache-tomcat-8.5.16.tar.gz

    - name: Extract Tomcat archive
      command: tar zxvf /opt/apache-tomcat-8.5.16.tar.gz -C /opt/ creates=/opt/apache-tomcat-8.5.16

    - name: Change ownership of Tomcat installation
      file: path=/opt/apache-tomcat-8.5.16 owner=tomcat group=tomcat state=directory recurse=yes

    - name: Configure Tomcat server
      template: src=server.xml dest=/opt/apache-tomcat-8.5.16/conf/

    - name: Configure Tomcat users
      template: src=tomcat-users.xml dest=/opt/apache-tomcat-8.5.16/conf/

    - name: Start Tomcat
      command: nohup /opt/apache-tomcat-8.5.16/bin/startup.sh
      become: true
      become_user: tomcat

    - name: wait for tomcat to start
      wait_for: port={{http_port}}

  • WAR Deploy playbook (tomcat-deploy.yml)
---
- hosts: all
  tasks:
    - name: Make sure that we can connect to the machine
      ping:

    - name: copy war
      copy: src=./osm-phs-1.0.6.war dest=/opt/apache-tomcat-8.5.16/webapps/osm-phs-1.0.6.war owner=tomcat group=tomcat mode=0744

  • Tomcat removal playbook (tomcat-remove.yml)
---
- hosts: all
  tasks:
    - name: Make sure that we can connect to the machine
      ping:

    - name: Stop Tomcat
      command: sh /opt/apache-tomcat-8.5.16/bin/shutdown.sh
      become: true
      become_user: tomcat

    - name: Remove Tomcat
      file:
        path: /opt/apache-tomcat-8.5.16
        state: absent

    - name: remove user "tomcat"
      user:
        name: tomcat
        state: absent

    - name: remove group "tomcat"
      group:
        name: tomcat
        state: absent

    • Commands to execute
     $ansible-playbook -i ansible-inventory tomcat-install.yml -k


    Thank You!

    Sunday, 30 July 2017

    CURL issue with NSS 3.28.4-3.0.1 - curl: (35) SSL connect error - ciphers rsa_rc4_128 only working

    Problem Statement

    Recently when a Linux monitoring script using CURL to monitor a https URL broke when migrated to a VM from Oracle Linux v6.7 to v6.9. This post i will try to explain the root cause of the issue and solution to fix the issue.

    Solution

    • Oracle Linux v6.7 the following command was working fine: VM-1$curl <your-https-server-url>
    • But in Oracle Linux v6.9 the same command was failing: VM-2$curl <your-https-server-url>
      • The error it was throwing: "curl: (35) SSL connect error"
    • The supported cipher for my server was found to be:
      Supported Server Cipher(s):
    Preferred TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 768 bits
    Accepted TLSv1.0 128 bits AES128-SHA
    Accepted TLSv1.0 128 bits RC4-SHA
    • By googling about the error i found in some post to use following -cipher option with curl and specify the cipher explicitly for the things to work:
    VM-2$curl --ciphers rsa_rc4_128_sha <your-https-server-url>
    • The following are debugging steps i followed to debug the issue further:
    • Check the meaning of error "curl: (35) SSL connect error"
    VM-2$curl -v <your-https-server-url>
    * About to connect() to sas1.sal.avaya.com port 443 (#0)
    *   Trying 135.11.105.105... connected
    * Connected to sas1.sal.avaya.com (135.11.105.105) port 443 (#0)
    * Initializing NSS with certpath: sql:/etc/pki/nssdb
    *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
      CApath: none
    * NSS error -12173
    * Closing connection #0
    * SSL connect error
    curl: (35) SSL connect error
    • Now go to the URL https://mozilla.github.io/python-nss-docs/nss.error-module.html and check the meaning of the error "NSS error -12173"
    • The error is "SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY: SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message."
    • Now check the CURL version in the two VMs:
    VM1$ curl --version
    curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
    Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

    VM2$ curl --version
    curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
    Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
    Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
    • If you observe the difference in the NSS library being used by CURL. So next step is to look what is different in NSS.
    VM1$rpm -qa | grep nss

    VM2$rpm -qa | grep nss
    • The difference i noted is on the following rpm: 
    • "nss-3.28.4-3.0.1.el6_9.x86_64" versus "nss-3.28.4-1.0.0.1.el7_3.x86_64"
    • So the time is to now check what has got changed between the two version
    VM1$rpm -ql nss
    /etc/pki/nssdb
    /etc/pki/nssdb/cert8.db
    /etc/pki/nssdb/key3.db
    /etc/pki/nssdb/secmod.db
    /usr/lib64/libnss3.so
    /usr/lib64/libnssckbi.so
    /usr/lib64/libnsspem.so
    /usr/lib64/libsmime3.so
    /usr/lib64/libssl3.so
    /usr/lib64/nss/libnssckbi.so


    VM2$rpm -ql nss
    /etc/pki/nss-legacy
    /etc/pki/nss-legacy/nss-rhel6.config
    /etc/pki/nssdb
    /etc/pki/nssdb/cert8.db
    /etc/pki/nssdb/key3.db
    /etc/pki/nssdb/secmod.db
    /usr/lib64/libnss3.so
    /usr/lib64/libnssckbi.so
    /usr/lib64/libnsspem.so
    /usr/lib64/libsmime3.so
    /usr/lib64/libssl3.so
    /usr/lib64/nss/libnssckbi.so


    • One of the observation is a new config file "nss-rhel6.config" which got introduced and if you see its content:
    VM2$cat /etc/pki/nss-legacy/nss-rhel6.config
    # To re-enable legacy algorithms, edit this file
    # Note that the last empty line in this file must be preserved
    library=
    name=Policy
    NSS=flags=policyOnly,moduleDB
    config="disallow=md5 allow=DH-MIN=1023:DSA-MIN=1023:RSA-MIN=1023"

    • Now you can correlate the error SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY we are getting and the last line in above config file mentioning DH key size 1023 as minimum supported.
    • This gives an indication that the DH key size restriction has been introduced in newer version of NSS,
    • So I did give a try by reducing the key size to 767 (which i got from checking the DH size being handshaked in VM1.
    VM2$vi /etc/pki/nss-legacy/nss-rhel6.config
    # To re-enable legacy algorithms, edit this file
    # Note that the last empty line in this file must be preserved
    library=
    name=Policy
    NSS=flags=policyOnly,moduleDB
    config="disallow=md5 allow=DH-MIN=767:DSA-MIN=767:RSA-MIN=767"

    • This change made the curl in VM1 to work without specifying the -cihper option explicitly.

    Conclusion

    The lastest version of NSS library nss-3.28.4-3.0.1.el6_9.x86_64 has tighten the ssl handshake by putting restriction to allow DH min key size of 1024. Which is the best security practice but if you want to make the things working without changing the Server TLS version and cipher supports then this is the way to handle it.

    Thanks!

    Tuesday, 4 October 2016

    My Java Blogs: WebLogic 12c 12.1.3 Cluster Node Setup in Linux

    My Java Blogs: WebLogic 12c 12.1.3 Cluster Node Setup in Linux: Pre-requisite Weblogic Primary Node is setup  WebLogic 12c 12.1.3 Installation and Configuration in Linux 2nd Node Setup Create 2...

    Saturday, 1 October 2016

    WebLogic 12c 12.1.3 HTTPS TLSv1.2 Only Enablement

    Pre-requisite

    HTTPS and TLSv1.2 Only Enablement
    • HTTPS Enablement
      • Login to the Admin Console of Weblogic Admin Server 
      • Select from left tree "base_domain -> Enviornment -> Servers"
      • Select the Server which you want to enable for HTTPS, for example "Server-1"
      • Select Tabe "Configuration -> General" and select "SSL Port Enabled" and provide a HTTPS port, for example 8082
      • Select Tabe "Configuration -> Keystores" and provide following values:
        • Keystores: Select "Customer Identity and Custom Trust"
        • Custom Identity Keystore: the path to identity jks in the machine
        • Custom Identity Keystore Type: JKS
        • Custom Identity Keystore Passphrase: the password of identity keystore
        • Confirm Custom Identity Keystore Passphrase: the password of identity keystore
        • Custom Trust Keystore: the path to trust jks in the machine
        • Custom Trust Keystore Type: JKS
        • Custom Trust Keystore Passphrase: the password of trust store keystore
        • Confirm Custom Trust Keystore Passphrase: the password of trust store keystore
      • Select Tabe "Configuration -> SSL" and provide following values:
        • Identity and Trust Locations: Keystores
        • Private Key Alias: the alias name of the identity certificate
        • Private Key Passphrase: the private key of the identity certificate
        • Confirm Private Key Passphrase: the private key of the identity certificate
      • You may do the same changes for Admin Server as well if want to do HTTPS enablement for Admin Server port.
      • Restart the Servers to take HTTPS enablement into effect, and hit the server URL with HTTPS port to verify.
    • TLSv1.2 Only Restriction
      • Select Tabe "Configuration -> Server Start" and provide following values:
        • Arguments: -Dweblogic.security.SSL.enableJSSE=true -Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2 -Dweblogic.security.SSL.allowUnencryptedNullCipher=false -Dweblogic.security.disableNullCipher=true
      • Restart the Servers
    • To restrict ciphers
      • Stop NodeManager, AdminServer and all other Servers
      • Modify config.xml
        • $cd /app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/config
        • $vi config.xml
        • Add following ciphers under respective Server section, for example
          • <server>
          • <name>Server-1</name>
          • <ssl>
          • <enabled>true</enabled>
          • <ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
          • <ciphersuite>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
          • <ciphersuite>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
          • <ciphersuite>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
          • .....
          • .....
        • Save the modification in config.xml
      • Restart NodeManager, AdminServer and respective Servers.
    Thank You!

    WebLogic 12c 12.1.3 JMS Distributed Queues and Topics Configuration


    Pre-requisite



    Distributed JMS Queues and Topics Creation

    • Create Server: JMSManagedServer-1 
      • Select from left tree "base_domain-> Enviornment -> Servers" and click "New"
      • Provide Server name as "JMSManagedServer-1", Listen address as "<HOST-NAME-1ST-NODE", Port as "8001", select "No, this is a stand-alone server.", and Click "Finish"
      • Navigate to the JMSManagedServer-1 management page by clicking the JMSManagedServer-1 name entry in the Summary of Servers table.
      • In the general tab, select "<HOST-NAME-1ST-NODE>" in the Machine drop-down box, disable "SSL Listen Port Enabled" and Click Save.
      • In the Server Start tab, ether the following information and click save
      • Java Home as "/usr/java/jdk1.8.0_102/"
      • Java Vendor as "Oracle "
      • Arguments as 
      • -Djava.library.path=/app/Oracle/Middleware/Oracle_Home/wlserver/server/native/linux/x86_64/
    • Create Server: JMSManagedServer-2
      • Select from left tree "base_domain-> Enviornment -> Servers" and click "New"
      • Provide Server name as "JMSManagedServer-2", Listen address as "<HOST-NAME-1ST-NODE", Port as "8001", select "No, this is a stand-alone server.", and Click "Finish"
      • Navigate to the JMSManagedServer-2 management page by clicking the JMSManagedServer-2 name entry in the Summary of Servers table.
      • In the general tab, select "<HOST-NAME-2ND-NODE>" in the Machine drop-down box, disable "SSL Listen Port Enabled" and Click Save.
      • In the Server Start tab, ether the following information and click save
      • Java Home as "/usr/java/jdk1.8.0_102/"
      • Java Vendor as "Oracle "
      • Arguments as 
      • -Djava.library.path=/app/Oracle/Middleware/Oracle_Home/wlserver/server/native/linux/x86_64/
    • Create JMS Clusters 
      • Select from left tree "base_domain-> Enviornment -> Clusters" and click "New"
      • Provide name as "JMSCluster" and click "Finish"
      • Navigate to the JMSCluster management page by clicking theJMSCluster name entry in the Summary of Clusters table
      • In the "Servers" tab, add Servers "JMSManagedServer-1" and "JMSManagedServer-2" into the cluster
    • Create the JMS Servers 
      • Login to WebLogic Admin Console
      • Open web browser and hit the URL "http://<HOST-NAME>:7001/console/login/LoginForm.jsp" and enter credentials as "weblogic/Weblogic123"
      • On the left menu/navigation area, select the appropriate server domain and click to expand the Services - Messaging – JMS Servers node.
      • Click the Lock & Edit button, located near the top of the left menu.
      • On the following page, click the New button.
      • This will take you to a page where you can select a name for the JMS server. In the text box, name the server JMSServer-1.
      • Click Next.
      • Under the Select targets heading, use the drop-down box to select the name of the server where you wish to deploy the JMS server. ManagedJMSServer-1 should be the target for JMSServer-1. Click Finish.
      • To commit the change and create the JMS server, you must then click the Activate Changes button. This should create a new JMS server.
      • Complete steps above to create JMSServer-2, which should target ManagedJMSServer-2.
    • Create the JMS Module 
      • On the left menu/navigation area, select the appropriate server domain and click to expand the Services – Messaging – JMS Modules node.
      • Click the Lock & Edit button, located near the top of the left menu.
      • On the following page, click the New button.
      • This will take you to a page where you can select a name for the JMS module. In the Name text box, give the module an appropriate name.
      • Click Next.
      • Under the Targets heading, select ManagedJMSServer-1 and ManagedJMSServer-2. Click Next.
      • Click Finish.
      • Select SystemModule-1 from the JMS Modules table and select the Subdeployments tab and click the New button
      • Enter Default for the Subdeployment Name. Click Next.
      • On the Targets page, select JMSServer-1 and JMSServer-2. Click Finish
    • Create Queues and Topics
      • On the Create a New JMS System Module Resource page, Queue or Topic resource as appropriate and click Next.
      • Accept the default “round-robin” handling of the distributed JMS resources. You will enter the JMS Destination Properties on the following page. Give the distributed queue or topic an appropriate Name and JNDI Name. Following is an example: 
      • ticketRequest, ticketRequest, DistributedQueue
      • ticketResponse, ticketResponse, DistributedTopic
      • Click Next.
      • Accept the default targeting suggested by the admin console and click Finish.
      • Click the green “Activate Changes” button to ensure that the JMS resource definition is accepted and deployed by the Web Logic Server.
      • Test
      • You can verify that the JMS resources were successfully deployed by trying to connect to them with a JMS client such as Hermes JMS.


    Thank You!

    WebLogic 12c 12.1.3 Cluster Node Setup in Linux

    Pre-requisite

    2nd Node Setup
    • Create 2nd or Remote Weblogic Node
    • Login to the Admin Console of Weblogic Admin Server (running in Node1)
    • Select from left tree "base_domain -> Enviornment -> Machines" and click "New"
    • Provide name as "<HOST-NAME-OF-2ND-NODE>" and Os as "Unix", and click "Next"
    • Select Type as "Plain", Address as "<HOST-NAME-OF-2ND-NODE>", Port as "5556" and click "Finish"
    • Install Weblogic Server (Do not have to create Domain here) following the same steps followed for 1st Node:
      • Connect via SSH CLI to 2nd Node
      • Create weblogic user and group
        • $groupadd -g 1000 weblogic
        • $useradd -u 1100 -g weblogic weblogic
        • $passwd weblogic (give password as weblogic)
      • Create weblogic installation directory
        • $mkdir /app
        • $chown -R weblogic:weblogic /opt/oracle
        • $chmod -R 775 /app
      • Download Weblogic 12c (12.1.3) installable
        • Download Weblogic Server 12.1.3 from Oracle Support Site: fmw_12.1.3.0.0_wls.jar
      • Install Weblogic 12.1.3
        • Verify Java 8 is installed
          • $which java
          • $java -version
      • Perform installation of Weblogic 12.1.3
        • Add the following entries into /home/weblogic/.bash_profile file:
          • export MW_HOME=/app/Oracle/Middleware/Oracle_Home/
          • export WLS_HOME="${MW_HOME}/wlserver"
          • export WL_HOME="${WLS_HOME}"
          • # Set to appropriate JAVA_HOME.
          • export JAVA_HOME=/usr/java/jdk1.8.0_91
          • export JAVA_OPTIONS="-Djava.security.egd=file:/dev/./urandom"
          • PATH=$PATH:$HOME/bin:$JAVA_HOME/bin
          • export PATH
        • Connect o Machine via VNC Client (make sure VNCServer is running in the box)
        • From VNC Client go to Shell prompt
        • Switch to weblogic user
          • $su - weblogic
        • Run the Installer from the directory where weblogic installer jar is copied
          • $java -jar fmw_12.1.3.0.0_wls.jar
        • You will get pre-requisite check warnings, make sure all checks are passed (except for 256 color warning in which case you can proceed with 'y')
        • Let all defaults values (like inventory location, installation location, installation type) to be selected except installation path which you can specify as under /app
        • You may Uncheck the check box where it is asked to get information on security updates
        • After installation it would prompt for domain creation, say No
    • Note: we did not create domain in the 2nd Node
    • From the 1st Primary Node create a teamplate.jar 
      • SSL CLI to 1st Node and switch to webloigc user
      • $cd /app/Oracle/Middleware/Oracle_Home/oracle_common/common/bin
      • $./pack.sh -managed=true -domain="/app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain" -template=midtiertemplate.jar -template_name="midtiertemplate"
      • This will create a midtiertemplate.jar in the path /app/Oracle/Middleware/Oracle_Home/oracle_common/common/bin
    • Use template created from 1st Node to install it in 2nd Node 
    • SSH to 2nd Node and switch to weblogic User
    • copy template from 1st Node to 2nd Node 
      • $cd /app/Oracle/Middleware/Oracle_Home/oracle_common/common/bin
      • $scp root@<HOST-NAME-OF-1ST-NODE>:/app/Oracle/Middleware/Oracle_Home/oracle_common/common/bin/midtiertemplate.jar .
    • $./unpack.sh -domain="/app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain" -template="/app/Oracle/Middleware/Oracle_Home/oracle_common/common/bin/midtiertemplate.jar"
    • Check for successful message in the command prompt
    • Register this 2nd Machine NodeManager with 1st Machine 
      • SSH to 2nd Machine and switch to weblogic user
      • $su - weblogic
      • $cd /app/Oracle/Middleware/Oracle_Home/oracle_common/user_projects/domains/base_domain/bin/
      • $. setDomainEnv.sh
      • java weblogic.WLST 
      • A new prompt will come:
      • >>connect('weblogic','Weblogic123','t3://<HOST-NAME-OF-1ST-NODE>:7001')
      • >>nmEnroll('/app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/','/app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/nodemanager/')
      • >>exit()
    • Start the NodeManager in 2nd Machine 
      • $cd /app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain
      • $nohup ./bin/startNodeManager.sh &
    • check the nohup log for successful startup 
    • If any issues, please check the nodemanager.properties file and correct the hostname.
    • Verify it from 1st Node 
      • Login to Admin Console UI of 1st Machine
      • Go to Machines -> 2nd Machine
      • Go to Tab Monitoring and check "Reachable" state for confirmation.
    Thank You!

    WebLogic 12c 12.1.3 Installation and Configuration in Linux

    Pre-requisite
    • Java 8 installed 
    • VNC Server installed (to be able to run WebLogic installer GUI)

    Installation & Configuration Steps
    • Create weblogic user and group
      • $groupadd -g 1000 weblogic
      • $useradd -u 1100 -g weblogic weblogic
      • $passwd weblogic (give password as weblogic)
    • Create weblogic installation directory
      • $mkdir /app
      • $chown -R weblogic:weblogic /opt/oracle
      • $chmod -R 775 /app
    • Download Weblogic 12c (12.1.3) installable
      • Download Weblogic Server 12.1.3 from Oracle Support Site: fmw_12.1.3.0.0_wls.jar
    • Install Weblogic 12.1.3
      • Verify Java 8 is installed
        • $which java
        • $java -version
    • Perform installation of Weblogic 12.1.3
      • Add the following entries into /home/weblogic/.bash_profile file:
        • export MW_HOME=/app/Oracle/Middleware/Oracle_Home/
        • export WLS_HOME="${MW_HOME}/wlserver"
        • export WL_HOME="${WLS_HOME}"
        • # Set to appropriate JAVA_HOME.
        • export JAVA_HOME=/usr/java/jdk1.8.0_91
        • export JAVA_OPTIONS="-Djava.security.egd=file:/dev/./urandom"
        • PATH=$PATH:$HOME/bin:$JAVA_HOME/bin
        • export PATH
      • Connect o Machine via VNC Client (make sure VNCServer is running in the box)
      • From VNC Client go to Shell prompt
      • Switch to weblogic user
        • $su - weblogic
      • Run the Installer from the directory where weblogic installer jar is copied
        • $java -jar fmw_12.1.3.0.0_wls.jar
      • You will get pre-requisite check warnings, make sure all checks are passed (except for 256 color warning in which case you can proceed with 'y')
      • Let all defaults values (like inventory location, installation location, installation type) to be selected except installation path which you can specify as under /app
      • You may Uncheck the check box where it is asked to get information on security updates
      • After installation it would prompt for domain creation, say Yes 
      • Give the Domain path as /app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/ 
      • and select all default options except selecting the "Production Mode" when asked for installation mode to have run Weblogic in production licensed mode
      • Provide Username password as "weblogic:Weblogic123"
      • Finish Domain Creation Wizard and come out of (exit) VNC Client
      • Start NodeManager and Admin Server
      • Login to Machine via SSH Client
      • Switch to weblogic user
        • $su - weblogic
      • Start NodeManager
        • $cd /app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain
        • $nohup ./bin/startNodeManager.sh &
      • Verify at nohup.out log for successful start of NodeManager.
      • In case any issues you face with startup please check if hostname and ports and secureLister=false are correctly configured in nodemanager.properties file
      • /app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/nodemanager/nodemanager.properties
      • ****Note that we have installed Weblogic with Production Mode which requires username and password to be entered while starting the servers to by pass username and password ask and start server in backrgound***
      • Manully create boot.properties for Admin Server
        • $cd /app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/servers/AdminServer
        • $mkdir scecurity
        • $cd security
        • $vi boot.properties with following values
          • username=weblogic
          • password=Webloigc123
      • Start Weblogic Server
        • $cd /app/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/bin
        • $nohup ./startWebLogic.sh &
      • Open web browser and hit the URL "http://<HOST-NAME>:7001/console/login/LoginForm.jsp" and enter credentials as "weblogic/Weblogic123"
      • If you are able to see the login page and login, it confirms installation is successful
      • Configuration of Weblogic
      • Create Machines 
      • Select from left tree "base_domain -> Enviornment -> Machines" and click "New"
      • Provide name as "<HOST-NAME>" and Os as "Unix", and click "Next"
      • Select Type as "Plain", Address as "<HOST-NAME>", Port as "5556" and click "Finish"
      • Create Servers 
      • Select from left tree "base_domain -> Enviornment -> Servers" and click "New"
      • Provide Server name as "Server-1", Listen address as "<HOST-NAME>", Port as "8080", select "No, this is a stand-alone server.", and Click "Finish"
      • Navigate to the Server-1 management page by clicking the Server-1 name entry in the Summary of Servers table.
      • In the general tab, select "<HOST-NAME>" in the Machine drop-down box, disable "SSL Listen Port Enabled" and Click Save.
      • In the Server Start tab, ether the following information and click save
        • Java Home as "/usr/java/jdk1.8.0_91/"
        • Java Vendor as "Oracle"
        • Arguments as 
        • -Xms1024m -Xmx3076m -Djava.library.path=/app/Oracle/Middleware/Oracle_Home/wlserver/server/native/linux/x86_64/
      • Start Server-1
      • Select from left tree "base_domain -> Enviornment -> Servers" and then select Server-1 and start
    Thank You!