Unable to load SiteMinder host configuration object or host configuration file - windows

The application log in the event viewer shows
Unable to load SiteMinder host configuration object or host configuration file
for Siteminder 12.51 on IIS 7.5 (64bit) OS Windows 2008 (64bit).

When do you get the error? Is it when you're configuring the Webagent?
Anyway, verify the following.
Verify your environment variables are set correctly, if must have references to the Webagent files, you may need to export the envvars in the webagent or policy server folder (nete_wa_env...) file.
if the host config object you're using exists? Verify this using the
Admin UI
If the hostname is configured in the policy server as a trusted host
Verify if the settings are correct in the corresponding SmHost.conf file in the webagent folder
Verify and eliminate any duplicate or conflicting lines in your IIS config files which refer to siteminder.
Verify the host config object and the agent config object settings.

make sure WebAgent.conf is pointing to the correct SmHost.conf and SmHost.conf has the correct HostConfigObject defined (with the exact case that is used in the Policy Store).
If the HCO in the Policy Store is named "DefaultHostSettings" and SmHost.conf contains HostConfigObject=defaulthostsettings you will get this type of error.

Try re-registering the web agent with the policy server using the smreghost command.

Related

Hashicorp Vault Server UI loads a blank screen

I am trying to run hashicorp vault server as windows service in windows 10 system.
Vault server UI is showing as blank screen.
Please refer my configuration details.
config.hcl
ui = true
backend "consul" {
address = "127.0.0.1:8500"
path = "vault/"
}
listener "tcp" {
address = "127.0.0.1:8200"
tls_disable = 1
tls_cert_file = "c:/vault/config/certificate.crt"
tls_key_file = "c:/vault/config/privkey.key"
}
By default vault server is running in this (http://localhost:8200/ui/) local URL. When i navigate to this 8200 port , Blank ui screen is displayed.
Console log of Vault UI
But at the same time hashicorp vault server UI is loading if we run vault as container based application.
Windows service command I used to run vault service:
sc.exe create VaultAgent binPath= "C:\vault\vault.exe server -config=C:\vault\config\config.hcl" displayName= "Vault Agent" start= auto
Note: vault.exe is downloaded from vault windows amd64 version this url.
I am able to receive the response from vault server. Please refer the image.
vault server backend response
Note: Consul service is up and running. Please refer the image.
consul server up and running
How to bring up the Vault server UI up and running? Am i missing something.?
Note: Below are the Vault server UI console logs
unseal:1 Refused to execute script from 'https://localhost:8200/ui/assets/vendor-dd308e6ebdb070a5a829a0c0d6e74f61.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
unseal:1 Refused to execute script from 'https://localhost:8200/ui/assets/vault-8a8f62829e5ad33487e21f63af47c80d.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
unseal:1 Refused to execute script from 'https://localhost:8200/ui/sw-registration-1b862bc1e33e4a8a41781d56c3469209.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
Latest version of the Hashicorp is having an bug and it is in opened stage. Please refer the url.
GitHub issue link
So you can little go back with old version(1.8.8) of vault and try to run it as windows service and UI should be up and running.
Note: v 1.8.8 is having it's own feature and not having all the features of the latest vault version.
Download the 1.8.8 vault for windows

MariaDB on HomeBrew: Enabling Network Access

I have just installed MariaDB 10.4 using Home Brew. I was finally able to set the root password, and I am now trying to enable network access.
I think have added the correct directive:
bind-address=0.0.0.0
The thing is, is it to the correct my.cnf? I have tried adding it to /usr/local/etc/my.cnf as well as to a my.cnf I found in various Cellar directories.
It doesn’t seem to work. I get the message
Host … is not allowed to connect to this MariaDB server
even when I try from the local machine.
Am I setting the directive in the wrong file, or is there something else I should be doing.
Check that your user have the privilege to access the database from remote by running:
SELECT User, Host FROM mysql.user
Check also that you don't have the skip_networking configuration property set.
Read also the following documentation page: Configuring MariaDB for Remote Client Access

How login to a Custom docker registry with SSL Cert from Windows server

I am trying to login to a private repository from a windows machine using the docker command prompt, but I cannot figure out where I am supposed to place the SSL cert on a Windows machine.
I have successfully logged in from a Linux machine by placing the cert file in /etc/docker/certs.d/mydomain.com:port/
I have found in some of the documentation they are suggesting to place this .cert file in
C:\Program Files\Docker\certs.d{my domain goes here }{port}
But Still, I'm getting below error when I'm trying to log in
Error response from daemon: Get https://{my domain goes here }.com:{port No}/v2/: x509: certificate signed by unknown authority.
Can anyone help me to sort out this issue?
I think I have found my mistake, which is I have placed the .cert file in
C:\Program Files\Docker\certs.d{my domain goes here }{port}.
It should be in,
C:\ProgramData\docker\certs.d{my domain goes here }{port}
(Please note that this ProgramData folder is a hidden folder)

How to solve Geoserver Jetty "Module not found ssl" error?

My objective, is to configure the Jetty in such a way that it enables HTTPS request for Geoserver.
To be a bit specific, I am downloading the Geoserver Windows Installer.
As tested both version 2.9-RC1 and 2.10.2, they throw the warning
"Module not found [ssl]" as soon as it is started.
Jetty version: 9.2.13.v20150730
I am referring to the info here to try setup the simplest test (self-signed) for the jetty, but still no luck.
What I did:
Use Keytool create a self-signed keystore
Replace the keystore generated from 1) to directory etc/keystore
Edit the jetty-ssl.xml, replace the password (attribute default) with mine
Edit the file start.ini, add --module=https, jetty.secure.port=8443
Launch the batch file.
What did i miss?
P.S.: Geoserver works perfectly in HTTP. This post is asking about configuration for HTTPS.
Here are the steps to enable jetty to run geoserver on https, port:8443
• Configuring Jetty for SSL
follow this link to create ssl certificate and keystore. https://www.eclipse.org/jetty/documentation/9.1.5.v20140505/configuring-ssl.html
Now open jetty-ssl.xml file present in Geoserver/etc folder and replace the KeyStorePassword, KeyManagerPassword, TrustStorePassword with the new password which is created while creating keystore.
Open & check jetty.xml file in same folder, on which port https will run.
• Add new Keystore in Geoserver
Copy the created keystore file and replace with the existing available in etc folder of geoserver ex: C:\GeoServer\etc.
Now check if ssl.mod file is present in modules folder or not, ex: C:\GeoServer\modules.
If present, then open the file and replace the password in jetty.keystore.password, jetty.keymanager.password and jetty.truststore.password with the new password. Otherwise download it from “http://central.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.2.13.v20150730/jetty-distribution-9.2.13.v20150730.tar.gz.
NOTE : Please make sure password entered should be same as in jetty-ssl.xml.
Open start.ini file present in C:\GeoServer folder add --module =ssl, --module=https and jetty.secure.port=8443 (if https is running on Port 8443.
Run geoserver, enter url https://localhost:8443/geoserver (assuming geoserver on local system).
The https module has a dependency on the ssl module. The error is stating it cannot find ssl.mod in the ${jetty.home}/modules (or, depending on your config, ${jetty.base}/modules) directory.
The ssl module comes standard as part of the Jetty distribution so it has either been deleted, moved or renamed as part of your implementation.
For Geoserver 2.12.1, I manually installed "ssl.mod" from jetty-distribution-9.2.13.v20150730.tar.gz in Geoserver's etc/modules directory. Then the warning message didn't occur again in the log.
remember to add --module=ssl to start.ini
complete password and keystore/truststore location in jetty-ssl
port in jetty-https default 443
port in jetty xml can stay at default 8443
open ssl mod in a text editor and comment out the keystore under the [files] tag
ini-template tag --jetty secure port can stay at 8443
Comment out anything that refers to jetty keystore as these are set in jetty-ssl
open https mod and change https port to 443, restart geoserver.
Geoserver should now run over jetty https:// with no port number.

How to run jython script from RAD using credentials from properties file?

According to documentation: http://pic.dhe.ibm.com/infocenter/rsawshlp/v7r5m0/index.jsp?topic=%2Fcom.ibm.ws.ast.jythontools.doc%2Ftopics%2Ftjythondebug.html to run jython script with credentials "As defined in soap.client.props or sas.client.props file":
The sas.client.props and the soap.client.props files are located in
the properties directory for each WebSphere Application Server
profile, for example x:/profilePath/properties
I've created file:
C:\IBM\WebSphere\AppServer85\properties\soap.client.props
The next part is about setting com.ibm.CORBA and com.ibm.SOAP properties. Because it is not written, which of them are used as credentials, I've set both:
com.ibm.CORBA.loginUserid=user
com.ibm.CORBA.loginPassword=pass
com.ibm.CORBA.loginSource=properties
com.ibm.SOAP.securityEnabled=true
com.ibm.SOAP.loginUserid=user
com.ibm.SOAP.loginPassword=pass
But I can't run the script on WebSphere:
WASX7246E: Cannot establish "SOAP" connection to host "localhost"
because of an authentication failure. Ensure that user and password
are correct on the command line or in a properties file.
I'm using IBM RAD 9.0 and WebSphere 8.5
What I'm doing wrong? I've done everything as I've understood from cited documentation, but it's very laconical and unprecise for me.
Depending on the connector being used (SOAP or RMI), wsadmin retrieves credentials from either soap.client.props or sas.client.props. In your case the connector is SOAP (that's what the error message suggests), so you have to edit two lines in soap.client.props:
com.ibm.SOAP.loginUserid=...
com.ibm.SOAP.loginPassword=...

Resources