Tuesday, 13 July 2010

Finding WSH (Work Station Handler) Port in PeopleSoft

For 3 tier access using application designer we need to configure WSL port and start the same. using psadmin. But WSL after listening the request from the client, hands it over to WSH i.e Work Station handler. We can specify WSL port no in Appserver configuration but WSH is alloted any available port no. near in series to WSL port.

To find out the port no on which WSH is running and connected client machines, please run the following command.
for eg. our WSL port is 7890
netstat -a | grep 78[0-9][0-9]

In the output window, we can see that 7892 port no is also shown with a connection status of ESTABLISHED for 3 client machines. So we can say that WSH port no being used is 7892.
WSL i.e Work Station Listener is ready and listening for more client requests.

If you want to learn how to setup 3 tier connection using application designer, please go through my past blog enteries.

Monday, 12 July 2010

Generating Key Store and Trust Store using Keytool

What is a keytool?
Keytool is a key and certificate management utility. It enables users to administer their own public/private key pairs and associated certificates for use in self-authentication. It also allows users to cache the public keys (in the form of certificates) of their communicating peers.

What is a keystore?
Keytool stores the keys and certificates in a keystore. The default keystore implementation implements the keystore as a file. It protects private keys with a password. A keystore contains private keys, and the certificates with their corresponding public keys. A keystore is a database of key material. Key material is used for a variety of purposes, including authentication and data integrity. There are various types of keystores available, including "PKCS12" and Sun's "JKS.

In PeopleTools 8.49 keytool is located in PS_HOME/jre/bin

Generating public/private key pair using keytool
keytool -genkey -alias hrms -keyalg RSA -keystore pskey.keystore -storetype JKS

hrms - it is alias name, any name can be entered to identify the server or instance
pskey.keystore - name of the keystore

After running this command , several user input are required regarding the site to generate the keypair. These values are unique for every site.
The keypair that is generated has both public and private key combination. If we want to share out public key with other sites for authentication and communication purposes we need to export the public key from the keystore and share it. Other party needs to import this public key in their keystore.

Exporting public key from keypair
keytool -export -alias hrms -keystore pskey.keystore -rfc -file pshrms.cert
Enter keystore password:

Public key is exported in a form of certificate file which can be shared with another party. While exporting public key, password for keystore is required that was created in previous command.
This is also a self signed certificate. Ideally one should a signed certificate from a CA eg. Verisign, Geo Trust etc.

What is a TrustStore?
A truststore is a keystore which is used when making decisions about what to trust. If you receive some data from an entity that you already trust, and if you can verify that the entity is the one it claims to be, then you can assume that the data really came from that entity.
An entry should only be added to a truststore if the user makes a decision to trust that entity. By either generating a keypair or by importing a certificate, the user has given trust to that entry, and thus any entry in the keystore is considered a trusted entry.

Creating TrustStore and importing public key

keytool -import -alias hrms -file pshrms.cert -storetype JKS -keystore hrms.truststore

Using the above command, you can also import public certificates from other sites.

To view contents of a cert in keystore
keytool -printcert -file pshrms.cert

Read more about keystore, PKI and public key at these links:

Friday, 9 July 2010

Using Find and Grep together

 find ./ -name configuration.properties | xargs grep -H "9030"

Get our exclusive subscription-only PeopleSoft tips once per month!

How was the blog? Help us in getting better