Saturday, September 10, 2016

Installing Apache2 with PHP4 and PHP5 Support at the same time


Apache2 Installation in Debian

By default, installing the apache2 package gives you the apache2-mpm-worker package. Other MPM packages are available:

apache2-mpm-worker

The worker MPM provides a threaded implementation for Apache2. It is considerably faster than the traditional model, and is the recommended MPM.

apache2-mpm-prefork

This Multi-Processing Module (MPM) implements a non-threaded, pre-forking web server that handles requests in a manner similar to Apache 1.3. It is appropriate for sites that need to avoid threading for compatibility with non-thread-safe libraries.

#apt-get install apache2

#apt-get install apache2-mpm-prefork

That's it: the basic apache2 installation is finished. If you want to test your installation, go to your browser and type the following:

http://youripaddress/apache2-default/

If this displays the welcome message, your installation is correct.

Default document root directory for apache2 is /var/www

If you want to change the default document root directory in apache2, edit the /etc/apache2/sites-available/default file and change the path to the directory you want.

Now you need to install PHP4 and PHP5 modules for apache2

Running both PHP5 and PHP4 as Apache modules at the same time is not possible, so we must run one of them as CGI and the other one as an Apache module. We will use PHP5 as the Apache module and PHP4 as CGI.

If you want to install PHP5 from Debian packages, you need to add the following source list entries to your /etc/apt/sources.list file:

deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all

Now you need to run the following command to update source list

#apt-get update

Now you need to install following modules to support PHP5 and PHP4

#apt-get install libapache2-mod-php5 php4-cgi php5-curl php5-dev php5-gd php5-gmp php5-imap php5-ldap php5-mcrypt php5-mhash php5-ming php5-mysql php5-mysqli php5-odbc php5-pdo-mysql php5-pdo-sqlite php5-pear php5-pspell php5-snmp php5-sybase php5-tidy php4-curl php4-domxml php4-gd php4-gmp php4-imap php4-ldap php4-mcal php4-mcrypt php4-mhash php4-ming php4-mysql php4-odbc php4-pspell php4-recode php4-snmp php4-xslt php4-xdebug curl libwww-perl imagemagick

Now you need to change the following line in the /etc/apache2/apache2.conf file

DirectoryIndex index.html index.cgi index.pl index.php index.xhtml

to

DirectoryIndex index.html index.htm index.shtml index.cgi index.pl index.php index.php4 index.xhtml

and add these two lines in the section where you can find AddType and AddHandler directives

AddHandler php-script .php4
Action php-script /cgi-bin/php4

This will make sure that PHP files with the extension .php4 are executed as CGI. PHP files with the extension .php will be run by the Apache2-PHP5 module.

Next, we have to enable a few Apache modules, for example the actions module; otherwise we cannot run PHP4 as CGI.

#a2enmod actions ssl rewrite suexec include

Now you need to restart your apache server using the following command

#/etc/init.d/apache2 restart

Friday, September 2, 2016

Securing communication in WebSphere

This section is taken from the WAS V6.1 Infocenter: "Securing Communication"
 
 
WebSphere Application Server uses Java Secure Sockets Extension (JSSE) as the SSL implementation for secure connections.
JSSE handles the handshake negotiation and protection capabilities that are provided by SSL to ensure secure connectivity exists across most protocols.
CA and self-signed X.509 certificates reside in Java keystores. Typically, each JSSE configuration has two Java keystore references: a keystore and a truststore.
The keystore reference represents a Java keystore object that holds personal certificates.
The truststore reference represents a Java keystore object that holds signer certificates.
 
A personal certificate without a private key is an X.509 certificate that represents the entity that owns it during a handshake.
   Personal certificates contain both public and private keys.
 
A signer certificate is an X.509 certificate that represents a peer entity or itself.
   Signer certificates contain just the public key and verify the signature of the identity that is received during a peer-to-peer handshake.
 

Default self-signed certificate configuration

By default, WebSphere Application Server creates a unique self-signed certificate for each node.
WebSphere Application Server no longer relies on the default or dummy certificate that is shipped with the product. The key.p12 default keystore and the trust.p12 truststore are stored in the configuration repository within the node directory.
All of the nodes put their signer certificates in this common truststore (trust.p12).
Additionally, after you federate a node, the default SSL configuration is automatically modified to point to the common truststore, which is located in the cell directory. The node can now communicate with all other servers in the cell.
All default SSL configurations contain a keystore with the name suffix DefaultKeyStore and a truststore with the name suffix DefaultTrustStore.
These default suffixes instruct the WebSphere Application Server runtime to add the signer of the personal certificate to the common truststore. If a keystore name does not end with DefaultKeyStore, the keystore signer certificates are not added to the common truststore when you federate the server.
You can change the default SSL configuration, but you must ensure that the correct trust is established for administrative connections, among others.
For more information, see Default self-signed certificate configuration and Web server plug-in default configuration.

WebServer Plug-In default Configuration

When you create a new Web server definition, WebSphere Application Server associates the Web server plug-in with a Certificate Management Services (CMS) keystore for a specific node. The keystore contains all of the signers for the current cell with the self-signed certificate, which belongs to the node. The plug-in can communicate securely to WebSphere Application Server, even when the plug-in is configured with Secure Sockets Layer (SSL) client authentication enabled.
When you set the Web server definition to webserver1 on node myhostNode01, WebSphere Application Server creates the keystore configuration. The keystore is scoped to the webserver1 server, which makes it visible to this server only. Other processes cannot use this keystore definition.
The default password for the keystore is WebAS. You can change the default keystore password by using either the administrative console or the appropriate AdminTask command.
The following sample code shows the AdminTask command that you can use to create this CMS keystore.
$AdminTask createCMSKeyStore /config/cells/myhostCell01/nodes/myhostNode01/servers/webserver1/plugin-key.kdb myhost.austin.ibm.com
Note the following characteristics of the previous example:
  • You can create only one CMSKeyStore entry for each management scope. If a CMS keystore already exists for scope (cell):myhostCell01:(node):myhostNode01:(server):webserver1, then you cannot create another CMSKeyStore entry.
  • The Uniform Resource Identifier (URI) for the keystore name is /config/cells/myhostCell01/nodes/myhostNode01/servers/webserver1/plugin-key.kdb.
  • The host name in the plug-in location is myhost.austin.ibm.com. WebSphere Application Server uses this name to create a self-signed certificate, if a self-signed certificate does not already exist for that particular node. If a self-signed certificate already exists for the node, then the certificate is put into the CMS keystore and all the signers from the cell are added, by default.
When additional nodes are federated, the signers for these nodes are not automatically added to each Web server for the CMS keystore. For the Web server plug-in to be able to communicate with a newly federated node, you must manually exchange signers with the CMSKeyStore keystore. Use the administrative console keystore certificate management function to exchange signers. For more information, see Extracting a signer certificate from a personal certificate.

Extracting a signer certificate from a personal certificate:
Procedure :
  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates > keystore .
  2. Under Additional Properties, click Personal certificates.
  3. Select a personal certificate.
  4. Click Extract.
  5. Type the full path for the certificate file name. The signer certificate is written to this certificate file.
  6. Select a data type from the list.
  7. Click Apply.
Results : The signer portion of the personal certificate is stored in the file that is provided.
What to do next : This signer can now be imported into other keystores.

Adding a signer certificate to a keystore

Signer certificates establish the trust relationship in SSL communication. You can extract the signer part of a personal certificate from a keystore, and then you can add the signer certificate to other keystores.

Before you begin

The keystore that you want to add the signer certificate to must already exist.
Alternative Method: To add a signer certificate to a keystore by using the wsadmin tool, use the addSignerCertificate command of the AdminTask object. For more information, see SignerCertificateCommands command group for the AdminTask object.

addSignerCertificate

The addSignerCertificate command adds a signer certificate from a certificate file to a keystore.
Required parameters
-keyStoreName
Specifies the name that uniquely identifies the keystore configuration object. (String, required)
-certificateAlias
Specifies the name that uniquely identifies the certificate request in a keystore. (String, required)
-certificateFilePath
Specifies the full path of the request file that contains the certificate. (String, required)
-base64Encoded
Specifies that the certificate is a Base64 encoded ASCII data file type if the value is set to true. Set the value of this parameter to false if the certificate is a binary DER data file type. (Boolean, required)
Optional parameters
-keyStoreScope
Specifies the scope name of the keystore. (String, optional)
$AdminTask addSignerCertificate {-keyStoreName testKeyStore -certificateAlias default -certificateFilePath <file path> -base64Encoded true}

About this task

Complete the following steps in the administrative console:

Procedure

  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > Inbound | Outbound > SSL_configuration_name > Key stores and certificates.
  2. Select a keystore from the list of keystores.
  3. Click Add signers.
  4. Enter an alias for the signer certificate in the Alias field.
  5. Enter the full path to the signer certificate file in the File name field.
  6. Select a data type from the list in the Data type field.
  7. Click Apply.

Results

When these steps are completed, the signer from the certificate file is stored in the keystore. You can see the signer in the keystore files list of signer certificates. Use the keystore to establish trust relationships for the SSL configurations.
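
The -base64Encoded parameter (the Data type field in the console) must match how the extracted signer file is actually encoded, and the file should hold a certificate only. The following check is an added example, not code from the Infocenter or from WebSphere: it classifies a signer file, computes a SHA-256 fingerprint to compare with the source keystore's administrator before import, and fills in the addSignerCertificate call shown above. The function names, the /tmp/signer.arm path and the sample bytes are assumptions made for illustration, and Base64 files are assumed to carry BEGIN CERTIFICATE armor.

```python
import base64
import hashlib
import re

PEM_CERT = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S)


def der_total_length(der: bytes) -> int:
    """Length (header + content) declared by the outer DER SEQUENCE."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    if der[1] < 0x80:                      # short form: length in one byte
        return 2 + der[1]
    n = der[1] & 0x7F                      # long form: next n bytes hold the length
    if n == 0 or len(der) < 2 + n:
        raise ValueError("bad DER length field")
    return 2 + n + int.from_bytes(der[2:2 + n], "big")


def inspect_signer_file(data: bytes) -> dict:
    """Classify an extracted signer file and fingerprint it before import."""
    # Signer certificates hold only the public key; refuse private key material.
    if b"PRIVATE KEY-----" in data:
        raise ValueError("file contains a private key, not a signer certificate")
    match = PEM_CERT.search(data)
    if match:                              # Base64 encoded ASCII data
        der = base64.b64decode(b"".join(match.group(1).split()), validate=True)
    else:                                  # binary DER data
        der = data
    # Structural check only: this does not parse or validate the X.509 fields.
    if der_total_length(der) != len(der):
        raise ValueError("truncated file or trailing data")
    digest = hashlib.sha256(der).hexdigest().upper()
    fingerprint = ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))
    return {"base64_encoded": match is not None, "sha256": fingerprint}


def add_signer_command(key_store: str, alias: str, path: str, data: bytes) -> str:
    """Fill in the page's addSignerCertificate call for this file."""
    flag = "true" if inspect_signer_file(data)["base64_encoded"] else "false"
    return ("$AdminTask addSignerCertificate {-keyStoreName %s -certificateAlias %s"
            " -certificateFilePath %s -base64Encoded %s}" % (key_store, alias, path, flag))


# Constructed sample: a placeholder DER SEQUENCE, not a real certificate.
SAMPLE_DER = b"\x30\x0a" + bytes(range(10))
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    for blob in (SAMPLE_DER, SAMPLE_PEM):
        print(inspect_signer_file(blob))
    print(add_signer_command("testKeyStore", "default", "/tmp/signer.arm", SAMPLE_PEM))
```

The same certificate yields the same fingerprint in either encoding, so the value can be compared against the one reported for the personal certificate in the source keystore.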

Exchanging signer certificates
To establish trust relationships, you can exchange signer certificates between keystores. When you exchange signer certificates, you are extracting a personal certificate from one keystore and adding it to another keystore as a signer certificate.

Before you begin

To exchange signer certificates, there must be two keystores.

About this task

Complete the following steps in the administrative console:

Procedure

  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates.
  2. Select two keystores from the list of keystores.
  3. Click Exchange signers.
  4. Select any of the certificates in the first personal certificates list, and click Add. After adding, the signer part of the selected personal certificate appears in the other (second) keystore signers list.
  5. Select any of the certificates in the second personal certificates list, and click Add. After adding, the signer part of the selected personal certificate appears in the other (first) keystore signers list.
  6. Optional: If you need to remove any of the certificates from either of the signers lists, highlight one or more of the certificates, and click Remove.
  7. Click Apply and Save.

Results

The signer certificate appears in the list for each keystore.

What to do next

The extracted signer certificate is available to both keystores during the connection handshake.
 
AdminTask object includes the following commands:
Set up for enabling heap dump:
  • For V6.0 release:
    1. To set the following Environment Entries from the administrative console: Select Servers > Application Servers > server_name > Java and Process Management > Process Definition > Environment Entries > New
       Add the following Name/Value pairs:
      IBM_HEAPDUMP true
      IBM_HEAP_DUMP true
      IBM_HEAPDUMPDIR your_directory
      IBM_HEAPDUMP_OUTOFMEMORY true
      IBM_JAVADUMP_OUTOFMEMORY true
    Make sure that you save changes to the master configuration.



    When you create a Heap Dump in the Managing Server VE from the Heap Dump Management menu, the heap dumps get created in the $WAS_HOME/profiles/<ProfileName> dir.
    If you want to change this default directory to another directory, say /tmp, add these new parameters in your WAS admin console (see first screenshot below) and restart your server.
    Now go back into your MS VE and create a new Heap Dump. You will see that the directory has changed from the default dir to the new dir /tmp. This is where the new Heap Dump is located. (See second screenshot here showing that the dir has changed from /opt/IBM/WebSphere/AppServer/profiles/AppSrv01 to the /tmp dir.)


Thursday, September 1, 2016

Some of the interview Questions

 

How to Interview for a Job in American or anywhere English

Some of the interview questions that I faced recently.



• If the admin server is down and we change any setting in a managed server, will the admin server get all those settings after coming back up?
• Can a stuck thread still do reasonable work?
• How do you deal with the corrupted config.xml?
• How do you deal with corrupted configuration files, like the JDBC and JMS files?
• What are the available logs Created in Weblogic?
• What is a TTL in weblogic?
• What are the difference between Connection pool and data source?
• What happens if we delete the log files when the server is running & when the server is not running?
• Can we change the name of the log files when the process is running?
• What is HTTP tunneling in weblogic?
• How many types of weblogic installation are there?
• How do you clean the Cache in Weblogic?
• What are the recommendations for the number of WebLogic Server Instance (JVM) per CPU?
• Tell about the Weblogic Boot Up sequence?
• Does WebLogic Server dynamically use additional CPUs added to a managed server on the fly?
• Can a WebLogic Server (WLS) admin server running on a 32-bit JDK be configured with a managed server running on a 64-bit JDK?
• What is the difference between -Dweblogic and setting values in weblogic console?
• How to disable admin port in weblogic without weblogic console?
• What are Pinned services in Weblogic?
• Why do we need Weblogic Inactive Connection Timeout in Weblogic?
• How do I integrate JNI (native code) into weblogic?
• I want to set Production Mode to true in the Admin Domain; would this also run all the managed servers in Production Mode?
• What is the deployment process in weblogic?
• How does the deployment to a cluster work if one of the members is down?
• How do you differentiate between a server hang and server crash issue?
• What is the difference between .jar, .war and .ear files?
• What are deployment descriptors?
• What is a shutdownhook?
• What is a File Descriptor?
• What is fast swap in weblogic?
• How do we find the patches applied in Weblogic?
• What are core, thread and heap dumps?
• What is a network channel in Weblogic?
• What are Resource adapters?
• How are credentials passed to the Weblogic server?
• How do we communicate with external components?
• What is cross cluster replication in weblogic?
• What do the DBPing and multiCast utilities do?
• What is the use of the Pack command?
• Does weblogic server work as a Web Server?
• What are the available roles in weblogic?
• What is a Client application archive?
• What are the types of deployment methods in Weblogic?
• What are the types of packaging files for deployment?
• Can an application be deployed without any deployment descriptors?
• What are the values tuned in web logic?
• What are the differences between multicast and unicast clustering?
• What are the data source states?
• When does a Data Source go to Suspend State?
• What is a Overload state in Weblogic?
• What is the sequence of Weblogic Server startup?
• How do the cluster members communicate?
• What is the difference between a web server and a proxy server?
• Difference between horizontal clustering, vertical clustering and where both are used?
• If a data source is configured but the DB server is then not running, what is the state of the data source?
• What is the difference between heap dump and thread dump?
• What kind of problems would you expect to encounter when trying to increase a managed server's maximum heap size to 3 GB? If an application was suffering short periodic freezes, and no errors were appearing in the logs, can you suggest a possible cause?
• If a managed server is crashing with a StackOverflow exception, what could be the cause?
• Describe how you might run a WLST script?
• What is a Smart Update in weblogic?
• What is a weblogic version compatibility?
• Can a node manager run with a different version of weblogic version?
• Can weblogic cluster be configured in a mixed platform ?
• What is a Harvester in WLDF?
• What are Watches and Notifications in WLDF?
• What are the types of data sources provided in weblogic?
• Can JDBC datasource be shared across clusters or to other developers?
• What is Cluster-wide JNDI tree?
• What are the types of Session Replication in weblogic?
• When is the Weighted Round Robin algorithm used? Explain a scenario.
• What is the difference between XA and non-XA data sources?
• What are the Deployable Modules and Deployment modes?