Node Manager
Instructions for configuring Node Manager...
From <domain>
./bin/startNodeManager.sh
edit "./nodemanager/nodemanager.properties".
ListenAddress=0.0.0.0
SecureListener=false
Configuring Security Certificates
For full details, see: Enabling Host Name Verification Certificates for Node Manager.
Better to use wildcards for hostname verification...
set EXTRA_JAVA_PROPERTIES=-Dweblogic.security.SSL.hostnameVerifier=weblogic.security.utils.SSLWLSWildcardHostnameVerifier %EXTRA_JAVA_PROPERTIES%
Concept... Replace the default security certificate with a new one with a wild-card. Any new node will be accepted. Simple! Does not require modifying each node. Hackers won't have access to the security certificate. Or will they?
Create a new certificate in <domain>/nodemanager.
export ALIAS="alias"
export STOREPASS="storepass"
export KEYPASS="keypass"
export DNAME="CN=*.vorpal.net"
export KEYSTORE="identity.jks"
keytool -genkey -keyalg RSA -keysize 1024 -alias $ALIAS -dname $DNAME -keystore $KEYSTORE -storepass $STOREPASS -keypass $KEYPASS
keytool -selfcert -v -alias $ALIAS -keystore $KEYSTORE -storepass $STOREPASS -storetype jks -keypass $KEYPASS
6) Add the following in nodemanager.properties file
1 2 3 4 5 6 | KeyStores=CustomIdentityAndCustomTrust CustomIdentityAlias=mykey CustomIdentityKeyStoreFileName=identity.jks CustomIdentityKeyStorePassPhrase=password CustomIdentityKeyStoreType=JKS CustomIdentityPrivateKeyPassPhrase=password |