I am currently setting up a CAS server in a local network which will have to authenticate users belonging to ldap directories so that they can then connect to a web server.
A Windows Server 2019 Active Directory is the gateway to the WAN.
Environment:
Windows Server 2019 with Active Directory and DHCP, routing and DNS installed which make the link between the WAN and the LAN; IP: 192.168.100.10
LDAP Server on Centos 7 on the LAN registred on the Active Directory (no ssl certificate generated); IP: 192.168.100.50
CAS Server on Debian 11 on the LAN (no ssl certificate generated for tomcat and cas); IP: 192.168.100.101
All pinging between each other;
I'm following this process to install and configure the cas server:
https://www.esup-portail.org/wiki/pages/viewpage.action?pageId=972292097
This is my build.gradle configuration file:
build.gradle
This is my cas.properties configuration file:
cas.properties
After the copy of the war file generated in /var/lib/tomcat9/webapps/; i restart tomcat9 service.
The problem is that i can't access the cas address:
erreur_acces_site
When i check the status of Tomcat service, i got this error:
error_tomcat_service_status
Can anyone enlighten me? I can't see what's going wrong.
Moreover, if someone has a detailed procedure, which describes the environment and the prerequisites, recent and educational to install a CAS server for Centos 7, I am strongly interested
Thank you in advance!
When I remove the CAS dependencies in build.gradle and LDAP authentication config in cas.properties, I can access the CAS login screen.
Related
i have installed a PLEX media server on my NAS an want to install my issued SSL certificate for my custom domain name (eg. customdomain.ddns.net).
I have setup PLEX media server running on port 32400 (default) and setup the port forwarding on my router for external access.
Then i followed the instructions on this page: https://blog.stefandroid.com/2021/08/27/plex-with-lets-encrypt-certificate.html but using an ordered certificated for 1 year.
The domain name is issued and setup correctly and i created a valid .p12 file from the certificate.
I entered all the information on the "Network" settings page in PLEX. But when i open up plex via my custom domain with port 32400 (https://customdomain.ddns.net:32400) i still get an certification error:
This server could not prove that it is customdomain.ddns.net.
Its security certificate is from *.17ed1f92d4c64c4cb135d9dd79589f7e.plex.direct.
Does anyone has a clue what am i doing wrong? And i don't want to use a reverse nginx proxy, cause that is not possible with my setup.
Thanks!
I want to install the "IBM HTTP Server for IBM WebSphere Application Server V9.0" without the IBM InstallationManager just with an archive file.
I already downloaded the archive file 9.0.5-WS-IHS-ARCHIVE-win-x86_64-FP003.zip
and just run the postinstall.bat and I cannot install it .
So, Does anyone know how can install it?
This the message that get everytime i run this command
postinstall.bat
postinst: Could not reliably determine the server's fully qualified domain
name, using 127.0.0.1 for ServerName
SERVERROOT_NATIVE=D:\Mohamed\Mohamed Nour\MohmedNour\Software\IBM WAS
ND\IHS
SERVERROOT=D:/Mohamed/Mohamed Nour/MohmedNour/Software/IBM WAS ND/IHS
PORT=80
GSK7LIBDIR_NATIVE=D:\Mohamed\Mohamed Nour\MohmedNour\Software\IBM WAS
ND\IHS\gsk8\lib64
GSK7LIBDIR=D:/Mohamed/Mohamed Nour/MohmedNour/Software/IBM WAS
ND/IHS/gsk8/lib64
SERVERNAME=127.0.0.1
postinst complete
here when access IBM HTTP Server
click to view errors picture
and also after register IHS in Admin Console and created unmanaged node for remote
when am access application from WAS it success but not when access through IHS
and also updated the http.conf configuration like :
<IfFile plugin/config/webserver1/plugin-cfg.xml>
LoadModule was_ap24_module C:\Program Files\IBM\WebSphere\Plugins\bin\mod_was_ap24_http.dll
WebSpherePluginConfig C:\Program Files\IBM\WebSphere\Plugins\config\webserver12\plugin-cfg.xml
</IfFile>
and also web server created from console named webserver12
Just did what you want.
This is the procedure:
Download 9.0.5-WS-IHS-ARCHIVE-win-x86_64-FP003.zip
Unzip to target folder (recommended folder without spaces in the path)
Run postinstall.bat it displays the following:
D:\install\WAS_90\IHS>postinstall.bat
postinst: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
SERVERROOT_NATIVE=D:\install\WAS_90\IHS
SERVERROOT=D:/install/WAS_90/IHS
PORT=80
GSK7LIBDIR_NATIVE=D:\install\WAS_90\IHS\gsk8\lib64
GSK7LIBDIR=D:/install/WAS_90/IHS/gsk8/lib64
SERVERNAME=127.0.0.1
postinst complete
Verify in httpd.conf that you have settings changed, for example search for server root settin: ServerRoot "D:/install/WAS_90/IHS"
Add IHS as service (you must have Administrator command line to do it):
httpd.exe -k install -n IHS9A
if you dont have admin rights just start server with the httpd.exe command
All done. Access your server via http://localhost
To federate to WebSphere App Server just follow usual instruction and provide your IHS unzipped folder as IHS install root.
To configure your plugin add the following lines to httpd.conf, the plugin file for IHS is located in IHS\plugin\bin. Example for Win:
<IfFile plugin/config/webserver1/plugin-cfg.xml>
LoadModule was_ap24_module plugin/bin/mod_was_ap24_http.dll WebSpherePluginConfig c:/IHS/plugin/config/webserver1/plugin-cfg.xml
</IfFile>
These lines were correct after unzipping the IHS, but you manually messed that up, pointing to non existing C:\Program Files\IBM\WebSphere\Plugins folder. While configuring IHS in WAS console you have to think and set the IHS home (eg. C:\IHS) and Plugin home (c:\IHS\plugin) correctly to the directory where you unzipped the IHS archive. This was already discussed here Archive Installation for “Web Server Plug-ins for IBM WebSphere Application Server V9.0” instead of IM
all. I am trying to install openshift with one command
[root#demo ~]# sh <(curl -s https://install.openshift.com/)
Checking for necessary tools...
...looks good.
Downloading oo-install package...
Extracting oo-install to temporary directory...
Starting oo-install...
OpenShift Installer (Build 20140722-1618)
.....
....
....
Deploying workflow 'origin_deploy'.
The OpenShift deployment configuration has the following errors:
* The implied host domain 'com' does not match the specified host domain of 'demo.com' for DNS
Rerun the installer to correct these errors.
I don't know what is the reason it keeps telling me that 'the implied host domain 'com' ...' what need to be changed?
[root#demo ~]# sh <(curl -s https://install.openshift.com/)
Checking for necessary tools...
...looks good.
Downloading oo-install package...
Extracting oo-install to temporary directory...
Starting oo-install...
OpenShift Installer (Build 20140722-1618)
Welcome to OpenShift.
This installer will guide you through a basic system deployment, based
on one of the scenarios below.
Select from the following installation scenarios.
You can also type '?' for Help or 'q' to Quit:
Install OpenShift Origin
Add a Node to an OpenShift Origin deployment
Generate a Puppet Configuration File
Type a selection and press : 1
Your system deployment configuration is incomplete.
The installer will guide you through the necessary configuration
steps.
Note: ActiveMQ and MongoDB will be installed on all Broker instances.
For more flexibility, rerun the installer in advanced mode (-a).
DNS Settings
Installer will deploy DNS
Application Domain: example.com
Register OpenShift hosts with DNS? Yes
Component Domain: demo.com
Global Gear Settings
Account Settings
![enter image description here][2]
Node Districts
Role Assignments
Host Information
The configuration file does not include some of the required settings
for host instance demo.com. Please provide them here.
Hostname (the FQDN that other OpenShift hosts will use to connect to
the host that you are describing): |demo.com|
Hostname / IP address for SSH access to demo.com from the host where
you are running oo-install. You can say 'localhost' if you are running
oo-install from the system that you are describing: |demo.com| 10.1.14.145
Username for SSH access to 10.1.14.145: |root|
Validating root#10.1.14.145... looks good.
Detected multiple network interfaces for this host:
* 192.168.142.128 on interface eth2
* 10.1.14.145 on interface eth3
Do you want to use one of these as the public IP information for this
Node? (y/n/q/?) y
The following network interfaces were found on this host. Choose the
one that it uses for communication on the local subnet:
1. 192.168.142.128 on interface eth2
2. 10.1.14.145 on interface eth3
Type a selection and press : 2
Normally, the BIND DNS server that is installed on this host will be
reachable from other OpenShift components using the host's configured
IP address (10.1.14.145).
If that will work in your deployment, press to accept the
default value. Otherwise, provide an alternate IP address that will
enable other OpenShift components to reach the BIND DNS service on
this host: |10.1.14.145|
This Node host is currently associated with the Default district. Do
you want to change this district assignment? (y/n/q) n
Do you want to modify the account info settings for the various role
services? (y/n/q/?) n
Here are the details of your current deployment.
Note: ActiveMQ and MongoDB will be installed on all Broker instances.
For more flexibility, rerun the installer in advanced mode (-a).
DNS Settings
Installer will deploy DNS
Application Domain: example.com
Register OpenShift hosts with DNS? Yes
Component Domain: demo.com
Choose from the following deployment configuration options:
1. Change the DNS configuration
2. Manage Hosts
3. Services Accounts Settings
4. Global Gear Settings
5. Node Districts
6. Display full Host details
7. Finish editing the deployment configuration
Type a selection and press : 7
Here is the subscription configuration that the installer will use for
this deployment.
Do you want to make any changes to the subscription info in the
configuration file? (y/n/q/?) n
Do you want to set any temporary subscription settings for this
installation only? (y/n/q/?) n
Preflight check: verifying system and resource availability.
Checking demo.com:
* SSH connection succeeded
* Target host is running CentOS
* Located getenforce
* SELinux is running in enforcing mode
* Located yum
* puppet RPM is installed.
* openssh-clients RPM is installed.
* bind RPM is installed.
Deploying workflow 'origin_deploy'.
The OpenShift deployment configuration has the following errors:
* The implied host domain 'com' does not match the specified host domain of 'demo.com' for DNS
Rerun the installer to correct these errors.
The issue is that OpenShift requires hosts to be part of a second-level domain. myhost.openshift.localdomain works, while myhost.localdomain does not.
I entered oshost.localdomain as component domain (configured right after the application domain) and 0.oshost.localdomain for the actual host and now it installs just fine.
I deployed an embedded apacheds application to public cloudfoundry! but i can't access it from ldap client in my machine!!
my server properties:
host: http://kenzdz.cloudfoundry.com/
port: 10389
root dn: ou=system
when i use a class in the same project to acces the server,it success like the link show it:
http://kenzdz.cloudfoundry.com/ldaptest : it is a servlet that acces the ldap server
but when i use a ldap client like jexplorer to acess remotely to the server it doesn't success.
is it because an embedded ldap server i cant do it?
Cloudfoundry.com only allows inbound http(s) traffic on ports 80 and 443, respectively (see May i open a port on Cloud Foundry?). So you won't be able to interact using the LDAP protocol with the app you deployed.
I have a virtual server with a few websites on it. To be honest I know next to nothing about SSL. When Itry to log in to my servers Web Host Manager or any of my sites Cpanels I get a screen (In chrome) saying "This website is not trusted". Is this because the server needs to have SSL installed on it?
Maybe it's not even to do with SSL, but any explanation is appreciated.
SSL secures your conecction between your browser and the server. If you have important data there you should install SSL to protect your connection from "sniffing".
SSL is network protocol so you have to install it or enable it on the server.
here is resource for installing/enabling SSL on Apache server:
http://www.digicert.com/ssl-certificate-installation-apache.htm
and here is how to install/enable SSL on IIS:
http://support.microsoft.com/kb/299875