How to configure SSL on Nodemanager for 12c

In Weblogic Server 12.1.2, the java version of Node Manager controls all WLS instances belonging to the same domain.This allows the feasibility to have different nodemanager configurations for different domains.

You can follow the steps below to use one nodemanager per domain running over SSL ( custom identity & custom trust)

1)  Start nodemanager from the following location ( just to create a default nodemanager.properties file).

D:\Oracle\Middleware\wlserver_12.1\server\bin\startNodeManager.cmd

Stop the nodemanager.

2) Copy the nodemanager folder from the this location to your domain folder.

D:\Oracle\Middleware\wlserver_12.1\common\nodemanager

3) Copy startNodeManager.cmd present at the below location to your domain home folder

D:\Oracle\Middleware\wlserver_12.1\server\bin\startNodeManager.cmd

4) Open the script and update the NodeManager home location in the script

set NODEMGR_HOME=D:/Oracle/Middleware/user_projects/domains/base_domain/nodemanager

5) Create Identity Store for the Node Manager in the nodemanger folder.

keytool -genkey -alias mykey -keyalg RSA -keysize 1024 -dname "CN=www.welogic-wonders.com, OU=Customer Support, O=BEA Systems Inc, L=Denver, ST=Colorado, C=US" -keypass mykeypass -keystore identity.jks -storepass mystorepass
keytool -selfcert -v -alias mykey -keypass mykeypass -keystore identity.jks -storepass mystorepass -storetype jks

You can create it anywhere but then you will have to give the complete path in nodemanager.properties file.

6) Add the following in nodemanager.properties file

KeyStores=CustomIdentityAndCustomTrust
CustomIdentityAlias=mykey
CustomIdentityKeyStoreFileName=identity.jks
CustomIdentityKeyStorePassPhrase=password
CustomIdentityKeyStoreType=JKS
CustomIdentityPrivateKeyPassPhrase=password

7) Start your Node Manager from the domain folder at any available port you want.

D:\Oracle\Middleware\user_projects\domains\base_domain>startNodeManager.cmd localhost 6666

D:\Oracle\Middleware\user_projects\domains\base_domain>set CLASSPATH=.;D:\Oracle
\Middleware\patch_wls1211\profiles\default\sys_manifest_classpath\weblogic_patch
.jar;D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\lib\tools.jar;D:\Oracle\Middl
eware\wlserver_12.1\server\lib\weblogic_sp.jar;D:\Oracle\Middleware\wlserver_12.
1\server\lib\weblogic.jar;D:\Oracle\Middleware\modules\features\weblogic.server.
modules_12.1.1.0.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\webservices.j
ar;D:\Oracle\Middleware\modules\org.apache.ant_1.7.1/lib/ant-all.jar;D:\Oracle\M
iddleware\modules\net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar;
D:\Oracle\Middleware\user_projects\domains\base_domain>if not "" == "" set CLASS
PATH=;.;D:\Oracle\Middleware\patch_wls1211\profiles\default\sys_manifest_classpa
th\weblogic_patch.jar;D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\lib\tools.ja
r;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic_sp.jar;D:\Oracle\Middle
ware\wlserver_12.1\server\lib\weblogic.jar;D:\Oracle\Middleware\modules\features
\weblogic.server.modules_12.1.1.0.jar;D:\Oracle\Middleware\wlserver_12.1\server\
lib\webservices.jar;D:\Oracle\Middleware\modules\org.apache.ant_1.7.1/lib/ant-al
l.jar;D:\Oracle\Middleware\modules\net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contr
ib.jar;
D:\Oracle\Middleware\user_projects\domains\base_domain>if not "" == "" set CLASS
PATH=.;D:\Oracle\Middleware\patch_wls1211\profiles\default\sys_manifest_classpat
h\weblogic_patch.jar;D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\lib\tools.jar
;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic_sp.jar;D:\Oracle\Middlew
are\wlserver_12.1\server\lib\weblogic.jar;D:\Oracle\Middleware\modules\features\
weblogic.server.modules_12.1.1.0.jar;D:\Oracle\Middleware\wlserver_12.1\server\l
ib\webservices.jar;D:\Oracle\Middleware\modules\org.apache.ant_1.7.1/lib/ant-all
.jar;D:\Oracle\Middleware\modules\net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contri
b.jar;;
D:\Oracle\Middleware\user_projects\domains\base_domain>cd D:\Oracle\Middleware\u
ser_projects\domains\base_domain\nodemanager
D:\Oracle\Middleware\user_projects\domains\base_domain\nodemanager>if not "6666"
== "" if not "localhost" == "" goto runNMWithListenAddressAndPort
D:\Oracle\Middleware\user_projects\domains\base_domain\nodemanager>"D:\Oracle\Mi
ddleware\jrockit_160_29_D1.2.0-10\bin\java.exe" -jrockit -Xms128m -Xmx256m -Dbea
.home=D:\Oracle\Middleware -Xverify:none -Djava.endorsed.dirs=D:\Oracle\Middlew
are\jrockit_160_29_D1.2.0-10/jre/lib/endorsed;D:\Oracle\Middleware\wlserver_12.1
/endorsed "-Djava.security.policy=D:\Oracle\Middleware\wlserver_12.1\server\lib\
weblogic.policy" "-Dweblogic.nodemanager.javaHome=D:\Oracle\Middleware\jrockit_1
60_29_D1.2.0-10" -DListenAddress="localhost" -DListenPort="6666" weblogic.NodeMa
nager -v
Apr 23, 2015 8:30:50 PM weblogic.nodemanager.server.NMServerConfig initDomainsMa
p
INFO: Loading domains file: D:\Oracle\Middleware\wlserver_12.1\common\nodemanage
r\nodemanager.domains
Apr 23, 2015 8:30:50 PM weblogic.nodemanager.server.SSLConfig loadKeyStoreConfig
INFO: Loading identity key store: FileName=D:\Oracle\Middleware\user_projects\do
mains\base_domain\nodemanager\identity.jks, Type=JKS, PassPhraseUsed=true
Apr 23, 2015 8:30:50 PM weblogic.nodemanager.server.NMServer
INFO: Loaded node manager configuration properties from 'D:\Oracle\Middleware\us
er_projects\domains\base_domain\nodemanager\nodemanager.properties'
Node manager v10.3
Configuration settings:
NodeManagerHome=D:\Oracle\Middleware\wlserver_12.1\common\nodemanager
ListenAddress=localhost
ListenPort=6666
ListenBacklog=50
SecureListener=true
AuthenticationEnabled=true
NativeVersionEnabled=true
CrashRecoveryEnabled=false
JavaHome=D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\jre
StartScriptEnabled=true
StopScriptEnabled=false
StartScriptName=startWebLogic.cmd
StopScriptName=
LogFile=D:\Oracle\Middleware\wlserver_12.1\common\nodemanager\nodemanager.log
LogLevel=INFO
LogLimit=0
LogCount=1
LogAppend=true
LogToStderr=true
LogFormatter=weblogic.nodemanager.server.LogFormatter
DomainsFile=D:\Oracle\Middleware\wlserver_12.1\common\nodemanager\nodemanager.do
mains
DomainsFileEnabled=true
StateCheckInterval=500
UseMACBroadcast=false
DomainRegistrationEnabled=false
DomainsDirRemoteSharingEnabled=false
Domain name mappings:
wl_server -> D:\Oracle\Middleware\wlserver_12.1\samples\domains\wl_server
base_domain -> D:\Oracle\Middleware\user_projects\domains\base_domain
medrec -> D:\Oracle\Middleware\wlserver_12.1\samples\domains\medrec
Apr 23, 2015 8:30:51 PM weblogic.nodemanager.server.SSLListener run
INFO: Secure socket listener started on port 6666, host localhost/127.0.0.1

How to store http sessions in database for WebLogic Cluster

In this example we are going use Postgres database for session replication. It can be downloaded from here

Once installed, you need to execute the following query to create the table to store session

 

create table wl_servlet_sessions ( wl_id TEXT NOT NULL, wl_context_path TEXT NOT NULL, wl_is_new CHAR(1),
 wl_create_time NUMERIC(20),     wl_is_valid CHAR(1), wl_session_values BYTEA, wl_access_time NUMERIC(20),
wl_max_inactive_interval INTEGER, PRIMARY KEY (wl_id, wl_context_path) );

Once the database setup is complete, we need to create a postgres datasource on Weblogic Server.
You can follow the steps here if needed.Then you need to update the deployment descriptor (weblogic.xml) of your application as follows.

 

<session-descriptor>
   <persistent-store-type>jdbc</persistent-store-type>
   <persistent-store-pool>postgresds</persistent-store-pool>
   <persistent-store-table>WL_SERVLET_SESSIONS</persistent-store-table>
</session-descriptor>

 

Now you can log in to your application, store objects in session.

If you want to have a look at the session details in the database, you can use the pgAdmin tool.

replication-session

 

Please feel free to get in touch with us if you have any queries.

 

Cheers!

Wonders Team