Create a simple HTTPS server with OPENSSL S_SERVER

This post will mostly serve as a reference for future posts, the goal is to create the simplest HTTPS webserver possible, which will serve to test certificates, authentication via private keys and in the end; configure SSL offloading to an Apache HTTPD, which will act as a proxy between your client and the secure endpoint.

GOAL: At the end of this article, you will have a running secure web server which you can access via your web browser and/or via an SSL client. Continue reading “Create a simple HTTPS server with OPENSSL S_SERVER”

Weblogic, 1 managed server gives HTTP Error 401 Unauthorized, other works fine.

I encountered this weird behaviour last week where one managed server in a cluster of two servers constantly gave the error “HTTP Error 401 Unauthorized“.

The setup was a standard Oracle Service Bus installation on Oracle Weblogic.
The domain consisted out of one Admin server, one cluster with two managed servers.

Managed Server #1 was acting without problems but all the requests which needed authentication and which where pointed to Managed Server #2 failed and responded with a 401 Unauthorized message.

There was an error in the logs of MS#2, which is displayed at the bottom of this post as well.

#### <> <Inbound http BASIC authentication failed
javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User webhosting javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User webhosting denied

The solution to this problem lies in the internal LDAP configuration of the faulty Managed Server. I did not find an answer to what might have caused this problem, but the solution was to rebuild the LDAP setting of the Managed Server.

This is done by following these steps:

  1. Shut down Managed Server via Weblogic Console
  2. Log in via SSH
  3. Rename the following folder: %domain_directory%/servers/%osb_managed_server_1%/data/ldap
  4. Start the Managed Server via Weblogic Console

These steps will rebuild the LDAP folder, which is the internal LDAP to which Weblogic authenticates.

You can then remove the folder you’ve backed up in step 3.

Continue reading “Weblogic, 1 managed server gives HTTP Error 401 Unauthorized, other works fine.”