Archive for August, 2008

DA/Webtop performance slow

August 29, 2008 at 2:00 pm · Filed under Documentum

The DBA might like to try

execute DBMS_STATS.GATHER_DATABASE_STATS;

Leave a Comment

FTI Server Config Post Migration issue list

August 29, 2008 at 1:55 pm · Filed under Documentum

1. Creating of index agents the FTI expects Server Config object to be same name as docbase. Thus shutdown docbase. Edit server.ini, change the docbase config to that of docbase name. Start back up. Now you have a server config same name. Shut down, restore the original name of the serverconfig in the server.ini. Start back up.

2. Go to DA, To security and search for acl, dm_f – ensure the owner is the docbase owner (if that name changed after a migration.

Leave a Comment

SSL Checklist Apache2 Centos5 HideMyIP

August 25, 2008 at 12:04 am · Filed under Linux

Installing an SSL certificate on Apache2 on Centos5

If you have not generated a certificate then suggest you jump to that section first then scroll back up.

Checks to be made in

/etc/httpd/conf.d/ssl.conf
under <VirtualHost _default_:443>

1. ServerName www.<mysite.com>:443

(Failure to set this will result in SSL_ERROR_RX_RECORD_TOO_LONG or “unsupported proxy” by Firefox)

2. In ssl.conf: SSLCertificateFile  <path to> /www.<mysite.com>.crt
This is the file sent by the SSL certificate provider.

3. In ssl.conf: Ensure SSLCertificateKeyFile is set to valid path to key

4. In ssl.conf: SSLCertificateChainFile  <path to> gd_intermediate_bundle.crt
The bundle file comes with the certificate (at least with DoDaddy).

5. Check iptables, port 443 should be enabled.

6. Check ssl is installed (yum list | grep ssl)

7. Check router port forwarding is enabled for port 443.

8. If you are testing a web server on the same net as the machine there is a chance the router is resolving the external facing ISP issued IP in such a way that it is impossible to test a your own website from the internet. intranet.  Some routers don’t permit it at all, e.g. netgear DG814 with recent firmware v 4.10 or below.

The fix is to use a proxy server like www.turbohide.com for testing or even install (read warning before buying) HideMyIP from www.hide-my-ip.com to fake the ip of the machine used to test.  You get a 3 day trial or buy for £16 ish. Warning: HideMyIp will reduce your bandwidth very noticeably unless you upgrade to the premium service this is probably because of the proxies used as the free ones suffer also – though there are other products – I’ve not tried them.

9. Restart web server

# /usr/sbin/apachectl graceful
httpd not running, trying to start
Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server www.<my site>.com:443 (RSA)
Enter pass phrase:

OK: Pass Phrase Dialog successful.

If you don’t get the above information the first time when you start then your cert is not installed properly.

10. Protect your pages. For example (and there are many on the net)

if ($_SERVER['SERVER_PORT'] != 443)
{
header(“Location: https://www.mysite.com/”); // ssl site now
exit;
}

and/or setup a location rewrite in ssl.conf:

<Location /mywebfolder>
RewriteEngine on
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^.*/mywebfolder(.*)$ https://%{SERVER_NAME}:443/mywebfolder$1 [R]
</Location>

or .htaccess in the web folder – here we are challenged for a password and its said where the .htpasswd file is:





AuthUserFile /var/www/html/.htpasswd

AuthName "Secret stuff going on here - you need a password"

AuthType Basic

Require valid-user

RewriteEngine On

RewriteCond %{HTTPS} !=on

RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]



Any of this not working then check the error_log (in /etc/httpd/logs). Not forgetting to apachectl graceful and clear the browser session info between tests (for the password challenge bit).


Generate Certificate


Execute this:


openssl genrsa -des3 -out www.<my site.com>.key 1024


Use the outfile and execute this:


openssl req -new -key www.<my site.com>.key -out <my site.com>.csr


The resulting file is <my site.com>.csr


`cat` the file to copy the content and past it into the browser with prompted by the ssl issuer.


								

			
				

				
				Leave a Comment				

			
			

				
				
			

	
				
Convert postcode to longitude and latitude

			
				
 
				August 14, 2008 at 12:55 am 
				· Filed under Linux,  Uncategorized												

			
				

									
Usage:


./postcodetolonglat.sh 'SK99 9LZ'


Creates a little temp file called ‘postcode’. The file is put in /tmp and is of course unique for each execution of the program.  These files can be cleared out quite easily as part of maintenance of the /tmp folder. (i.e. a weekly cron that executes


find /tmp -mtime +1 -user apache -exec rm {} \;


where the file will be at least a day old and is owned by apache which (in my case) is the apache user for the apache web server.


Script:


#!/bin/bash
. `/usr/bin/wget "http://maps.google.com/maps/geo?q=$1" -O "/tmp/$1"`
LAT=`cat "/tmp/$1" | awk -F "[" '{print $4}' | awk -F "," '{print $2}'`
LON=`cat "/tmp/$1" | awk -F "[" '{print $4}' | awk -F "," '{print $1}'`
echo "<script language=JavaScript>"
echo "   var Lon=$LON;"
echo "   var Lat=$LAT;"
echo "   var orig='$1';"
echo "</script>"


Then in, say, google maps:


From your browser, call (for example for the Warminster postcode of the R.E.M.E - BA12 0BS)


http://server.com/map4.php?pc=BA12%200BS


The code for map4.php is below.


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml">
  <head>
    <?php
$Postcode= $_GET['pc'];
echo passthru("./postcodetolonglat.sh '$Postcode'");
?>
    <meta http-equiv="content-type" content="text/html; charset=utf-8"/>
    <script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAA2OgjrxQMCCnZOIKNKqdqqxQQ2LfZc7AlgWy0LicD3n_XCYU-EBSRAF96CM-HbX18JJscTSEShXpbfg"
            type="text/javascript"></script>
    <script type="text/javascript">
    function initialize() {
      if (GBrowserIsCompatible()) {
        var map = new GMap2(document.getElementById("map_canvas"));
        var gll = new GLatLng(Lat,Lon);
        map.setCenter(gll,17);
        map.addControl(new GSmallMapControl());
        map.addControl(new GMapTypeControl());
        GEvent.addListener(map,"click", function(overlay,latlng) {
          if (latlng) {
            var myHtml = "The GLatLng value is: " + map.fromLatLngToDivPixel(latlng) + " at zoom level " + map.getZoom();
            //map.openInfoWindow(latlng, myHtml);
                alert(gll.toUrlValue(10));
          }
        });

      }
    }
    </script>
  </head>

  <body onload="initialize()" onunload="GUnload()">
    <div id="map_canvas" style="width: 100%; height: 100%"></div>
    <div id="message"></div>
  </body>
</html>


								

			
				

				
				Leave a Comment				

			
			

				
				
			

	
				
Startup index agent

			
				
 
				August 7, 2008 at 7:05 pm 
				· Filed under Documentum												

			
				

									
$ cd $FASTSEARCH/bin &&  ./startup.sh && ./nctrl start j2ee && ./nctrl start httpd && ./nctrl sysstatus


Before going to web interface, execute startup.sh in


$DOCUMENTUM/dfc/IndexAgents/IndexAgent1


To get to web interface put the full url to:


http://<fdqn>:9081/IndexAgent1/login.jsp


								

			
				

				
				Comments (1)