It's been increasingly frustrating to support our OnTime Group Calendar for Microsoft customers with on-prem Exchange as they usually use a self-signed certificate for TLS resulting in Java throwing a fit. Getting the certificate chain using a browser or OpenSSL is easy enough but for some customers that still prove too difficult. I couldn't find a tool to automate the export so I wrote a small tool in Java. The tool simply takes the address of the site to contact and saves the certificate chain as individual PEM files ready for import into the Java keystore. Now there is no fingerprint check so use at your own risk. Using the tool is like so:
java Main http://www.ibm.comThe code is available on Github and doubles as an example of how to accept all certificates using a custom TrustManager and HostNameVerifier. I even threw in some Java 8 to make Rene happy :(
Just yesterday I blogged about how easy it was to get Eclipse configured for IBM Notes 9.0.1 plugin appdev. And it was easy - it just didn't work for real development. After I imported all the plugins for the OnTime Group Calendar clients nothing would compile. After looking for a while I could see that most errors was from resolving the SWT classes such as Display, Canvas and so on and that made me think of a similar issue I had on Mac. I dove into the target platform definition. In the target platform definition I went on the Environment tab and set the following:
- Operating system: win32
- Windowing system: win32
- Architecture: x86
Needed to generate fake names and emails today for a stub API I'm developing. Found a github gist that did the trick. Very easy. Just had to install the faker gem first:
$ sudo gem install fakerThe example generates to CSV but I needed from object instances for C# so changed the code as such:
require 'faker' require 'securerandom' File.open("output.txt", "wb") do |file| i=0 until i == 500 uuid = SecureRandom.uuid fake = "new SearchUserResult(\"" + Faker::Name.name + "\", \"" + Faker::Internet.email + "\", UserType.Person, \"" + uuid + "\"),\n" file << fake i=i+1 end end
A member of the community reached out to me yesterday to ask whether I recognized a specific error message he was encountering trying to make Eclipse launch Notes 9 correctly for plugin development. I came back with a few suggestions but as I hadn't tried on Windows 10 yet I really couldn't offer much help. This morning I tried configuring Notes 9.0.1 for plugin development on Windows 10 and it went smoothly. Here are the steps I took:
- Download Eclipse Neon for RCP and RAP development bundle for Windows 64 bit
- Unzip bundle and launch Eclipse
- Follow the steps described in my Configure Eclipse 4.2 for Notes 9 post
- When configuring variables I used the following values:
- install_id: 1460097942140
- rcp.base_version: 9.0.1_20131002-1404
- rcp.home as described in above post
Had somewhat of a surprise today when IBM Support informed us that the issue our customer was experiencing could be due to unsupported characters in the password of the user mapped to the connectionsAdmin J2C alias. Say what!? But apparently there are restrictions on the different characters one can use. The password we were using had exclamation point (!) in it which is a no no. The customer is currently on WebSphere Application Server 18.104.22.168 and support suggested we try and upgrade to 22.214.171.124. Funny thing is that the customer has been using that password for years so it must have worked previously.
WebSphere Application Server 8.5.5 InfoCenter: Characters that are valid for user IDs and passwords
Today I extended the build script to monitor another branch so I now both deploy into our "bleeding edge" environment and our test environment.
The post-receive hook is written in bash and is as below. It took me a while to grok but a hook is simply a script that runs as the server OS user when ever something happens. The script is free to run as another user so my script runs as a special Git user so we can distinguish between which users does what. It also means that I could restrict access to feature/eventboard branch so it's only writable by this build user.
The only caveat about this hook was that we are using Atlassian Bitbucket which apparently only accepts hooks written in Java. There is however a way to add bash-based hooks directly in the file system on the server under /<bitbucket-home>/shared/data/repositories/<repoid> where the repoid can be found in the repository settings on the Bitbucket server if logged in as admin.
#!/bin/bash CHECKOUT_NAME=eventboard MERGE_INTO_BRANCH=feature/eventboard MONITOR_BRANCH1=feature/eventboard_web MONITOR_BRANCH2=feature/eventboard_backend WORKING_DIR=/local/stash-hooks-work while read oldrev newrev refname do branch=$(git rev-parse --symbolic --abbrev-ref $refname) echo "Currently on branch '$branch'" if [ "$MONITOR_BRANCH1" == "$branch" ] || [ "$MONITOR_BRANCH2" == "$branch" ]; then echo "Detected commit on $MONITOR_BRANCH1 or $MONITOR_BRANCH2 - merging..." if [ ! -d "$WORKING_DIR" ]; then mkdir -p $WORKING_DIR fi cd $WORKING_DIR unset GIT_DIR if [ ! -d "$CHECKOUT_NAME" ]; then # repo doesn't exit - abort echo "*** Required repo for post-receive hook not configured - exiting..." exit else cd $CHECKOUT_NAME git reset --hard git checkout $MERGE_INTO_BRANCH git pull origin $MERGE_INTO_BRANCH fi git fetch origin $MONITOR_BRANCH1:$MONITOR_BRANCH1 git fetch origin $MONITOR_BRANCH2:$MONITOR_BRANCH2 git merge $MONITOR_BRANCH1 $MONITOR_BRANCH2 -m "Merged \ '$MONITOR_BRANCH1' and '$MONITOR_BRANCH2' into \ '$MERGE_INTO_BRANCH'" git push origin $MERGE_INTO_BRANCH fi done
I had to document some steps using the Apache Portable Runtime (APR) and TLS configuration and for that needed APR on my Mac. I couldn't really make it work at first but after fiddling a bit I figured it out. There are the steps in bullet form:
Download APR and compile
- Download APR from Apache (http://apr.apache.org/). I downloaded v. 1.5.2.
- Compile in Terminal.
- CFLAGS='-arch x86_64' ./configure
- make test
- make install
Install OpenSSL with headersThe OpenSSL on Mac doesn't come with the header files so you cannot compile the Tomcat native library by default. To fix that use Homebrew to install a new version of OpenSSL first.
- Install Homebrew per instructions on the website
- brew install openssl
Compile Tomcat native libraryThe Tomcat native library is supplied with the Tomcat download. My Tomcat was v. 8.0.17. Steps as below:
- cd Tomcat8.0.17/bin
- gunzip tomcat-native.tar.gz
- tar xf tomcat-native.tar
- cd tomcat-native-1.1.32-src/jni/native
- CFLAGS='-arch x86_64' ./configure --with-apr=/usr/local/apr --with-ssl=/usr/local/opt/openssl
- make install
Configure Tomcat to use APRThis step is basically just to make sure that the Tomcat native library is on the Java Library path. Do as follows:
- cd Tomcat8.0.17/bin
- vi setenv.sh
- Add text: JAVA_OPTS="-Djava.library.path=/usr/local/apr/lib"
Now when you run Tomcat using catalina.sh you should see a line like below stating what version of the native library was loaded.
15-May-2016 18:14:01.106 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library 1.1.32 using APR version 1.5.2.
I continuously get questions on how I do Java agent development and I'm happy to answer them as I hope that some of the answers I provide means that more and more Domino developers see Java as a strong alternative to LotusScript for background processing. Most times the approach I recommend is a mock object approach that I wrote about waaaaaay back in 2006 (did I really write that 10 years ago?!?!?).
If / when you want to read the posts please start from part no. 1. Here's a link to all 5 parts:
- Java in Notes/Domino Explained: Test agents in Eclipse by extending AgentBase (part 1)
- Java in Notes/Domino Explained: Test agents in Eclipse by extending AgentBase (part 2)
- Java in Notes/Domino Explained: Test agents in Eclipse by extending AgentBase (part 3)
- Java in Notes/Domino Explained: Test agents in Eclipse by extending AgentBase (part 4)
- Java in Notes/Domino Explained: Test agents in Eclipse by extending AgentBase (part 5)
Hope this helps but if it doesn't please let me know.