Part II: Setting up Apache, Tomcat, and mod_jk on RHEL4

After managing to get Tomcat5.5 working with Apache2 using mod_jk, my next venture was to enable SSL using a self-signed certificate in Tomcat. This proved to be quite a task.

The system I’m setting up is running RedHat Enterprise Linux 4.4. I installed all the official RedHat RPM’s to get Tomcat and Apache talking together with mod_jk (see Part I of this tutorial).

After 4 days of banging my head on my keyboard, I noticed that when I would run:

# java -version

It spit out this:

Java(TM) 2 Runtime Environment, Standard Edition (build pxi32dev-20061002a (SR3) )
IBM J9 VM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Linux x86-32 j9vmxi3223-20061001 (JIT enabled)
J9VM - 20060915_08260_lHdSMR
JIT - 20060908_1811_r8
GC - 20060906_AA)
JCL - 20061002

This let me know that I am supposed to be using IBM’s version of java, which apparently is the default on my RedHat system, not Sun’s version. I think somewhere along the way I downloaded Sun’s jvm, and I assumed that I was supposed to be using its keytool to generate an SSL certificate for Tomcat, but such is not the case. This caused me much confusion, but here’s how I ended up fixing it:

1. Generate Keystore file
(NOTE: all of this assumes you already have Apache configured with SSL. I used OpenSSL, which I don’t go into here, but there are loads of resources online for you, and it’s relatively easy to do).

Assuming you have the default RedHat java rpm already installed, run this:

# /usr/lib/jvm/java-1.5.0-ibm-1.5.0.3/jre/bin/keytool -genkey -alias tomcat -keyalg RSA

NOTE: I used Tomcat’s default password of ‘changeit’ when prompted.

The keystore file gets dropped in the home directory of whatever user you are logged in as. I was root, so I then moved the keystore file to the tomcat home directory:

# mv /root/.keystore /etc/tomcat5/
# chown tomcat.tomcat /etc/tomcat5/.keystore

2. Next you have to edit Tomcat’s server.xml file

# nano /etc/tomcat5/server.xml

Uncomment the SSL connector and set it up like so:


<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" algorithm="IbmX509" sslProtocol="SSL"
keystoreFile="/etc/tomcat5/.keystore"
keystorePass="changeit" />

Note that I added algorithm="IbmX509" and I changed sslProtocol="TLS" to sslProtocol="SSL". This is necessary to get things working with IBM’s jvm.

3. Restart everything

# service tomcat5 stop
# service tomcat5 start
# apachectl restart

If you were following along from my last article, then browse to:

https://yoursite.com:8443/hello.jsp

If all went well, you should see the hello.jsp page showing you the system time!
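
Steps 1 and 2 leave the keystore under Tomcat's documented default password and never set a mode on the moved file, so a quick audit of server.xml is worth running afterwards. The script below is an added example, not part of the original post; the function names, the temporary directory and the sample passphrase are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Checks a Tomcat server.xml for a
# default keystore password and a keystore readable beyond its owner.

# xml_attr NAME FILE -> value of the first NAME="..." attribute found in FILE
xml_attr() {
    grep -o "$1=\"[^\"]*\"" "$2" | head -n 1 | cut -d '"' -f 2
}

# audit_connector SERVER_XML -> prints one line per finding, nothing if clean
audit_connector() {
    pass=$(xml_attr keystorePass "$1")
    store=$(xml_attr keystoreFile "$1")
    if [ "$pass" = "changeit" ]; then
        echo "DEFAULT_PASSWORD keystorePass is Tomcat's documented default"
    fi
    if [ -f "$store" ]; then
        # Characters 5-10 of the ls mode string are the group and other bits.
        bits=$(ls -l "$store" | cut -c 5-10)
        if [ "$bits" != "------" ]; then
            echo "KEYSTORE_READABLE $store grants '$bits' to group/other"
        fi
    fi
}

# make_sample DIR PASSWORD MODE -> writes a constructed server.xml and an empty
# placeholder keystore into DIR (stand-ins for the files in /etc/tomcat5).
make_sample() {
    : > "$1/.keystore"
    chmod "$3" "$1/.keystore"
    cat > "$1/server.xml" <<EOF
<Connector port="8443" scheme="https" secure="true"
keystoreFile="$1/.keystore"
keystorePass="$2" />
EOF
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir" changeit 644
audit_connector "$demo_dir/server.xml"     # reports both findings
make_sample "$demo_dir" 'constructed-Passphrase-1' 600
audit_connector "$demo_dir/server.xml"     # clean: prints nothing
rm -rf "$demo_dir"
```

On the real files, run `audit_connector /etc/tomcat5/server.xml` as root. Both findings clear with `chmod 600` on the keystore and a new password set through `keytool -storepasswd` and `keytool -keypasswd` (Tomcat expects the two to match), with keystorePass updated to the same value.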

Setting up Apache, Tomcat, and mod_jk on RHEL4

I just got through setting up Tomcat5.5, Apache2, and mod_jk on a RedHat Enterprise AS4.4 machine at work. In the past, I have done this by compiling each component separately and fiddling with config files until it all worked. But I wanted to stick with RedHat-approved RPM’s from the RedHat network to ease updates and patch management, and to allow the organization to have support options.

I had a lot of trouble finding any documentation on how to do this anywhere, so I thought I’d throw it out here for anyone in a similar situation in search of help.

The following are my notes, sprinkled with a little help I got from a RedHat support tech.

First, I had to enable the following channel within the RedHat Network for this system:

–Red Hat Application Server v. 2 (AS v. 4 for i386)

If you don’t have a RHEL license for updating your system, you will need one.

Once those channels were enabled, I installed the following packages using up2date at the command line:


# up2date tomcat5
# up2date tomcat5-webapps
# up2date tomcat5-admin-webapps
# up2date mod_jk-ap20

With the packages installed, I set out to configure a virtual host to pass requests to Tomcat as needed by using the mod_jk connector. The following steps explain how to do this for a web site called example.com using IP address 123.123.123.123. Substitute your domain and IP accordingly.

Step 1. – Add mod_jk to Apache

In /etc/httpd/conf/httpd.conf add this:


LoadModule jk_module modules/mod_jk.so
<IfModule mod_jk.c>
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
</IfModule>

That loads the module into Apache, tells Apache where the worker is that will handle jsp/servlets, and tells Apache where to record log entries for mod_jk.

Step 2. – create a new file called /etc/httpd/conf/workers.properties and add this to it:


[channel.socket:example.com:8009]
port=8009
host=example.com
[uri:example.com/*.jsp]
worker=ajp13:example.com:8009

Step 3. Create a virtual host in /etc/httpd/conf/httpd.conf like so:


<VirtualHost 123.123.123.123:80>
ServerAdmin webmaster@example.com
ServerName www.example.com
DocumentRoot /var/www/html
JkMount /*.jsp ajp13
JkMount /servlet/* ajp13
# Deny direct access to WEB-INF
</VirtualHost>

Step 4. Set up Tomcat5 by adding this to /etc/tomcat5/server.xml just before the very last </Engine> tag at the bottom of the document:


<Host name="example" appBase="/var/www/html" unpackWARs="true" autoDeploy="true">
<Context path="" docBase="" debug="0" reloadable="true"/>
<Alias>www.example.com</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="web1_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>
</Host>

Still with me? We are almost done.

Step 6. Create a sample jsp file called /var/www/html/test.jsp and add this to it:


Time: <%= new java.util.Date() %>

Step 7. Start up the services

# apachectl start
# service tomcat5 start

Step 8. Try it!

Browse to http://www.example.com/test.jsp

If all went well, you should see the system’s current date and time when you load the web page. Congrats. Hope it works for you!
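
The virtual host in Step 3 carries the comment "Deny direct access to WEB-INF" with no directive under it, and Steps 3 and 4 point Apache's DocumentRoot and Tomcat's appBase at the same /var/www/html, so any /WEB-INF path that JkMount does not forward is served by Apache as a static file. The check below is an added example, not part of the original post; the function names, the second virtual host on port 8080 and its `<Location>` block (Apache 2.0 access-control syntax) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. check_webinf and sample_conf are
# hypothetical names. Reads Apache config on stdin and reports, for every
# <VirtualHost> that uses JkMount, whether /WEB-INF is denied inside it.
check_webinf() {
    awk '
        { line = tolower($0) }
        line ~ /^[ \t]*<virtualhost/ {
            vh = $2; sub(/>$/, "", vh); jk = 0; inloc = 0; deny = 0; next
        }
        line ~ /^[ \t]*jkmount/                          { jk = 1 }
        line ~ /^[ \t]*<location[ \t]+"?\/web-inf/       { inloc = 1 }
        inloc && line ~ /^[ \t]*deny[ \t]+from[ \t]+all/ { deny = 1 }
        line ~ /^[ \t]*<\/location>/                     { inloc = 0 }
        line ~ /^[ \t]*<\/virtualhost>/ && jk {
            print vh ": " (deny ? "OK" : "MISSING")
            if (!deny) bad = 1
        }
        END { exit bad + 0 }   # non-zero when any vhost lacks the deny
    '
}

# Constructed input: the vhost from Step 3, then a copy (assumed port 8080)
# with a deny block added under the comment.
sample_conf() {
    cat <<'EOF'
<VirtualHost 123.123.123.123:80>
DocumentRoot /var/www/html
JkMount /*.jsp ajp13
# Deny direct access to WEB-INF
</VirtualHost>
<VirtualHost 123.123.123.123:8080>
DocumentRoot /var/www/html
JkMount /*.jsp ajp13
# Deny direct access to WEB-INF
<Location "/WEB-INF/">
Order deny,allow
Deny from all
</Location>
</VirtualHost>
EOF
}

sample_conf | check_webinf || echo "at least one JkMount vhost exposes /WEB-INF"
```

Against the real file, `check_webinf < /etc/httpd/conf/httpd.conf` prints one line per virtual host that uses JkMount.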

Oh baby!!!

Circuit City finally got a new shipment of the Ion USB turntables, so I ran and snatched one up before someone else did. The first thing I did was convert the Bastro single of “Nothing Special” that Mr. Jeter hooked me up with to a nice rich MP3 encoding. Hopefully this won’t piss off David Grubbs too much (hey, we did go to the same church as kids), but here it is for your listening pleasure:

Bastro – Nothing Special

I was so stoked to hear this song again after about 15 years. Good, isn’t it?

I’m trying to find a permanent place to set this thing up to enable quick conversions of all my old vinyl, and when I do, I will be posting a lot of good stuff that needs to be heard, so stay tuned!

Several Things Of Note

Please don’t send me Microsoft Word Documents. ‘Nuff said.

The Origami Boulder Company sells finely crafted works of art.

The 419 Eater details a hilarious scamming of the scammer in this effort to fight back against infamous Nigerian Scams (419’s).

Me and Jeremy getting mad props for Channel 18 on Mefi Music

Another Chatham family right-time-right-place newspaper appearance.

On those Interwebs, you have to know how to ask questions the smart way.

Sometimes, it’s useful to know how to snatch an expiring domain.

Another useful thing is A List of Every Website Statistic Publicly Available.

Sit back and laugh as you make your best friend talk to his/her ex boyfriend/girlfriend on the phone.

Joey’s history of bands in Louisville is good. That’s pretty much how I remember it too.

The Old Switcheroo

On January 2 I’ll be going back to work at the Air Force Combat Climatology Center, but this time with a new contractor, P3I. My previous time there ended when the contract ran out and there was no money left to rehire me, but the new contract started with the new company, and it is good for a few years. They made me an offer I couldn’t refuse, and Alicia and I decided we were in need of a little stability in the work scenario right now. My position will be Web Applications Developer and Designer. That’s a mouthful.

I’m really looking forward to being back there in a lot of ways. I had a lot of good friends there, and have missed the camaraderie as well as being able to work on some high-end applications and systems. I’ll be able to hit the ground running since I spent a year and a half there already.

However, I’ll definitely miss the flexibility I’ve had and the fun time I’ve enjoyed with Position Builders, especially the hacky sack breaks. It was really tough to make this decision, and I feel bad about leaving what was an excellent job with great people.

So that’s the news.

Following up on the previous post about the Ion ITTUSB turntable, I can’t find one in stock anywhere. I went ahead and placed an order with Amazon, but they said they wouldn’t have it in stock until January 27 – February 15. If anyone knows of anywhere that has one of these things in stock, PLEASE let me know! I can’t wait that long!

Odds & Ends

From The “That’s So Disgusting” Department
Found a rather hilarious writeup about my Fingernail and Toenail Collection today over at I Am Such a Child. The pics aren’t working on that page, but you should be able to follow along.

I was contacted by MyHeavy.com about doing a video of myself performing my toenail licking ritual and submitting it to their site. June had originally mentioned that idea a couple of months ago, and I’ve just been waiting until the moment feels right. Stay tuned.

From The Online Web Tools Department
Check out this huge list of online generators for generating things such as 3-column CSS layout and accessible forms.

From The Tooting My Own Horn Department
Someone has erected a Myspace page for Crain. Nice job of collecting stuff.

From The Crucial Apps Department
If you use multiple monitors on your PC, then you must get Multi Monitor Taskbar, a freebie tool that puts a taskbar at the bottom of your second monitor, saving you mouse mileage and window confusion. It also has a nifty clipboard memory tool built in.

ReviewMe.com

It is with mixed feelings that I announce this blog post is a paid review of ReviewMe.com.

On the one hand, I enjoy writing reviews, particularly of new Internet services, and I really like the idea of being paid to hang out on the Internet all day. Heck – that’s why I started some of the other sites I have started, such as TheBestofYoutube.com. Not that I’m making much more than enough to buy a Diet Coke per day off these ventures (yet).

On the other hand, it’s pretty much a sellout when you come here to see me writing for dollars. But can you blame me? If I even do any more of these, I promise to try and keep paid posts informative and objective. OK?

I saw a review of ReviewMe and thought I’d take it for a spin. It’s basically a site that is recruiting bloggers from everywhere to register and write reviews. If you have a product or service to sell, you can use ReviewMe to start generating an instant buzz about what it is you are trying to push. It’s really a pretty ingenious idea, really, brought to life through a snazzy Web2.0-style site that is easy to use and figure out.

My first impression of the service though, is that unless you are already a well-established blog writer online, your chances of making much money from ReviewMe are pretty slim. I submitted this blog and my Dumpworthy blog but the latter got rejected by ReviewMe for not being popular enough. The irony is that Dumpworthy is a review site. Go figure.

They seem to judge worthy blogs on the amount of linkbacks, traffic, and existing posts. Not a bad idea to weed out the cruft. Still, this site only received one out of 5 stars, so I am wondering if I will ever get contacted about writing any reviews. Were this blog more targeted to technology or something, I might get a higher score.

I think the ReviewMe service will probably become wildly popular though, as it is simple and effective, and it looked like you could make at least $40 per review. This gets the gears turning in my head for starting a new site that will be more focused, and might attract more potential reviews.

Perhaps this warrants a follow up review of ReviewMe in a few months; once I see if it works out at all.

Calling Firefox Extensions Developers

A common task I always find myself doing in Firefox is searching through my boatloads of bookmarks (1100+) for something I remember the look of, but not the name or URL of. I tend to remember things visually, so this is a common problem I run into.

I’ve looked around for a Firefox extension that would do the following, but haven’t found anything. Does anyone know of a bookmark extension that would provide the following functionality?

  • Take a screenshot of a web page when it is bookmarked. (This could be optional somehow).
  • Show the screenshot when hovering over bookmarks in the Bookmarks menu.
  • Retroactively take screenshots of web sites already in your Bookmarks.
  • Be compatible with Foxmarks.

Yeah, so that’s probably asking quite a lot…but hey! This would be a killer extension if it did half of what I listed.

Any takers?

Pictures

For a while I have enjoyed using my Olympus C-5050 digital camera, but ever since Alicia dropped it and we had to get it repaired it just hasn’t been the same. It takes a good 10-15 seconds to set up a shot, take it, and be ready for the next one. It still takes excellent pictures, but the lens mechanics never quite returned to normal.

I decided to sell that camera (wanna buy a camera?) and replace it with something simpler, smaller, and more transportable, so I went and got a Canon Powershot A530, which had just been knocked down to $149 at Best Buy.

What a camera! So far it has been perfect inside, outside, and at night. It’s small, it uses SD cards, which I already had, and it runs on AA batteries. I am in love with how well it fits what I was looking for: cheap, portable, fast, and excellent picture quality.

Anyway, I posted up a bunch of new pictures in my gallery, and the first 17 shots are with the new camera. Check out the new Sep/Oct 2006 pics.

Asheville Tech Relaunch

I’m ready to start taking on more web design clients now that the big push to get FriendsForFamilies.com is over.

I thought I’d take the opportunity to do a redesign of my business site, Asheville Technologies.

I spent a long time trying to come up with a sharp look that remained down-to-earth at the same time. I wanted to emphasize the way I approach web sites, working to make something unique for each client, and building it from the ground-up.

Let me know what you think!

Asheville Technologies

clicky