Secure WAS wsadmin SOAP access

To disable prompting form password without passing password in input param:

1. Put password info in soap.client.props file

sudo mcedit /opt/IBM/WebSphere/AppServer/profiles/ctgDmgr01/properties/soap.client.props

2. Encode password in that file

sudo /opt/IBM/WebSphere/AppServer/profiles/ctgDmgr01/bin/PropFilePasswordEncoder.sh /opt/IBM/WebSphere/AppServer/profiles/ctgDmgr01/properties/soap.client.props com.ibm.SOAP.loginPassword

Classification attribute changes are not inherited

Case:
Two classifications: PARENT and CHILD
Table ATTR defined on PARENT ant incherited to CHILD.

Change to ATTR is required, but after ATTR modification on PARENT changes (DOMAINID, TABLEATTRIBUTE, LOOKUPNAME) are not reflected to CHILD.

Workaround:
Changing data from DB level.

SELECT
CLASSSTRUCTUREID, ASSETATTRID, DOMAINID, TABLEATTRIBUTE, LOOKUPNAME, INHERITEDFROM
FROM maximo.CLASSSPEC
WHERE
CLASSSTRUCTUREID LIKE 'LOC.MEET-ROOM%'
ORDER BY ASSETATTRID

Maximo SelfService Labels modification (Editing SRM Labels)

SRM Labels are defined in:

SMP: /opt/IBM/SMP/maximo/applications/maximo/maximouiweb/webmodule/webclient/javascript/simplesrm/srm/dijit/nls/LANGUAGE/uiStringTable.js

and after deploy in:

WAS: /opt/IBM/WebSphere/AppServer/profiles/ctgAppSrv01/installedApps/ctgCell01/MAXIMO.ear/maximouiweb.war/webclient/javascript/dojo-YYYYMMDD-HHMM/ibm/tivoli/simplesrm/srm/dijit/nls/LANGUAGE/uiStringTable.js

IBM Technote

SSL certificate on WebSphere Application Server IHS

To support SSL, you must add WebSphere® Application Server’s SSL certificate to IBM HTTP Server’s trust store and then configure IBM HTTP Server for SSL traffic.

Preparing

#Copy certificates to WAS:
sudo su -
cp -r /home/lukaszmu/cert /opt/IBM/HTTPServer/conf

#list certificate files
ls /opt/IBM/HTTPServer/conf/cert/
wildcard.p12 ca-bundled-thawte.pem thawte_Primary_Root_CA.pem

Create IHS Security enabled virtual host

Servers > Server Types > Web servers > webserver1 > Web server virtual hosts >

click New
choose „Security enabled virtual host”
set and remember „Key store password”

Remove default selfSigned certificates

Web servers > webserver1 > Web server virtual hosts > *:443 > Manage Keys and Certificates
remove: Signer certificates
remove: Personal certificates

Import personal certificates

Web servers > webserver1 > Web server virtual hosts > *:443 > webserver1 > Personal certificates > Import certificates from a key file or key store

choose „Key store file”
Key file name: /opt/IBM/HTTPServer/conf/cert/wildcard.p12
Type: PKCS12
Key file password: fill in

click: Get Key Aliases
set new alias: wildcard

Import signer certificates

Web servers > webserver1 > Web server virtual hosts > *:443 > webserver1 > Signer certificates > Add signer certificate
1. ca-bundled-thawte
/opt/IBM/HTTPServer/conf/cert/ca-bundled-thawte.pem

2. thawte_Primary_Root_CA Thawte Root Certificates
/opt/IBM/HTTPServer/conf/cert/thawte_Primary_Root_CA.pem

Finalize IHS configuration

Web servers > webserver1 > Web server virtual hosts > *:443
click „Copy to Web server key store directory” (Key store settings)
click OK
click Propagate configuration file directly to the target Web server machine.

Restart the Web server for changes to take effect.

/opt/IBM/WebSphere/AppServer/profiles/ctgAppSrv01/bin/stopServer.sh webserver1
/opt/IBM/WebSphere/AppServer/profiles/ctgAppSrv01/bin/startServer.sh webserver1 -nowait

Maximo – przekierowanie domyślnego hosta websphere/IHS do portalu

Jedno z możliwych rozwiązań:
Zmiana pliku startowego IHS (w moim przypadku /opt/IBM/HTTPServer/htdocs/index.html) na:

<!DOCTYPE html>
<html>
   <head>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <meta http-equiv="Refresh" content="0; URL=/maximo/" />
      <title>Przejście do portalu Maximo</title>
   </head>
   <body>
      <p><a href="/maximo/">Przejście do portalu Maximo</a></p>
   </body>
</html>