LiveCycle Product Blog

At Adobe we are encouraged to think about innovation and look for new opportunities. In the Ottawa, Canada office we have set up a group that meets on Friday afternoon to discuss ideas and trends. One of the founders of this group and an euthusiastic member is LiveCycle Product Manager Mark Manca.

On a recent trip to headquarters in San Jose, Mark presented one of his ideas to an internal innovation review board run by Rick Bess called the Idea Showcase. Rick is a mentor for Adobe employees with bright ideas and is a huge supporter of the Ottawa group.

A writer from Fast Company was there to capture the event and likens it to software's version of American Idol. See the article and read about Mark, our local Adobe Idol on Fast Company's website or pick up a copy of the magazine's May edition.

Way to go Mark!

Posted by Jeff Stanier at 11:16 AM | Permalink | Comments (2)

Here are my notes for configuring SSL using a self-signed certificate on WebLogic 9.2 on Solaris 10:

Make sure the following environment variables are created
- JAVA_HOME (/usr/local/bea/jdk150_04/)
- PATH ($JAVA_HOME/bin:$PATH)

Confirm settings by the following commands:
which java should return this:
/usr/local/bea/jdk150_04/bin/java

Create a self-signed certificate valid for 1 year (365 days) using Sun's keytool with a command that resembles this:
$JAVA_HOME/jre/bin/keytool -genkey -keystore /usr/local/bea/weblogic92/server/lib/eTechIdentity.jks -storepass etechpass -keypass etechpass -keyalg RSA -validity 365 -alias etechalias -dname
"cn=bladerunner2.can.adobe.com, ou=Technical Marketing, o=Adobe Systems Canada Inc., st=ON, c=CA"

where:
bladerunner2.can.adobe.com is the fully-qualified domain name of the server

You might have to change ownership of this file (eTechIdentity.jks) to the user WebLogic runs as.

In the Admin Console, click the "Lock and Edit" button so that you establish an exclusive Admin lock on the domain to make configuration changes.

In the WebLogic Admin Console left navigation pane, navigate to :Environment:Servers::General
- check the checkbox for 'SSL Listen Port Enabled'
- for SSL Listen Port:, enter a number that is one up on the server's T3 port. Make sure the port is not being used on the box. The command netstat -an will tell you that.

Navigate to :Environment:Servers::Keystores
- For the 'Keystores' dropdownlist, choose 'Custom Identity and Java Standard Trust'
The page will take some time to reload.

- For 'Custom Identity Keystore', copy-paste (avoid typing) the full qualified path to the keystore you created at the beginning (/usr/local/bea/weblogic92/server/lib/eTechIdentity.jks)
- For 'Custom Identity Keystore Type', the value is "jks"
- For 'Custom Identity Keystore Passphrase:', use the password you used for the keystore ("etechpass")

The following might be optional, I am not sure:
- For 'Java Standard Trust Keystore Passphrase', the password is "changeit" (this comes form Sun Microsystems).

Navigate to :Environment:Servers::SSL
- For 'Private Key Alias:', the value is the alias you chose when you created the key ("etechalias")
- For 'Private Key Passphrase:', the value is the key password you chose when you created the key ("etechpass")

Click 'Save' and then 'Activate Changes'.
Re-start the managed server.

Start IE and point it to https://server:SSLport/adminui
Choose to Proceed to the Website (IE 7)
Click on the "Certificate Error" button at the top, to the right of the address bar (IE 7) and import the certificate.
Re-start IE, point it to https://server:SSLport/adminui and this time there should be no error messages or warnings.

Start Acrobat Professional 8 and point it to the Policy Server (use the SSL port).

Posted by Jayan Kandathil at 02:04 PM | Permalink | Comments (0)