PeopleSoft 8.59 Infra DPK and Critical Patch Updates

As I write this it is a month after Oracle released the critical patch updates, but there is still no sign of the Infra DPK, which contains Java and WebLogic updates. If Oracle are not going to supply this patch reliably, we will have to work out how to do it ourselves. WebLogic (On the Web Server) What WebLogic Patches does Oracle Install? In a default install we can do the following as user psadm1:

Encrypting PeopleSoft Internal Communication - Application Server

In the last article we looked at encrypting communication between WebLogic and the load balancer. Now it is time to investigate the traffic between WebLogic and the Application server. Without this configuration the logs get filled with messages like this: 1 2 3 WARNING: LLE Configuration discovered! Note that LLE has been deprecated. You should upgrade to SSL to secure network links. Let’s upgrade to SSL then!

Encrypting PeopleSoft Internal Communication - WebLogic Server

In the past we used to assume communication on our network was protected by physical security. Now that seems not to be a reasonable assumption. So we should probably encrypt communication within PeopleSoft. Here is how I do that. We control both ends of communication between tiers of PeopleSoft. So we can create our own certificate authority, and instruct our software to trust it. Creating the Certificate Authority (CA) We need a root certificate for our Certificate Authority (CA).

TLS and PeopleSoft Integration Gateway

PeopleSoft in general leaves it to the administrator to ensure that digital certificates are set up properly. Given digital certificates don’t tend to change very often, and the provider changes even less frequently, it can be difficult to understand and remember how this works, and prevent issues. What is a digital certificate? The two parts There are two parts to a digital certificate. One part is the private key which is used to encrypt data, and is installed, in our case, on the load balancer.

Auto Restart Weblogic with Systemd

The Problem Our WebLogic server recently crashed. There were a number of issues identified in the post mortem, which were addressed to prevent the same thing happening again. It also occurred to us that WebLogic should restart itself automatically if it fell over. This is easily achieved using systemd, but for whatever reason Oracle chose not to configure it to do this. Oracles Default Setup This is a PeopleSoft system which might be configured slightly differently to other WebLogic installations.

SAML SSO for Django

The University has a Single Sign On (SSO) system. There are a number of ways that it can be used. In this case I am investigating the use of Security Assertion Markup Language (SAML). There is also Shibboleth which is related, and our SSO can also use, but I will leave that till another time. I am creating a test application running in django on my desktop. Django by default only listens on the loopback interface which means it can provide friendly information to developers safe in the knowledge that anyone who can view it is logged on to my desktop.

Parsing XML with Ansible

I am trying to gather some information about an environment once it has been created and save it in a small Django app. This is about my adventures trying to discover the Weblogic version from the it’s registry which is an XML file. The XML registry is in the Oracle inventory, and starts like this: 1 2 3 4 <?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?> <registry home="/opt/oracle/psft/pt/bea" platform="226" sessions="7" xmlns:ns2="http://xmlns.

Kubernetes, Terraform and Secrets

Getting started with Kubernetes and Terraform I’ve been looking into how to learn terraform. I have also discovered for my project I need to use Kubernetes. It turns out that it is really easy to create a kubernetes cluster on the local desktop to have a play with. Here goes: I got started using the following tutorial I used Kubernetes in Docker (kind) to test. This turned out to be really easy to install.