Hello Xtend

The Eclipse foundation announced today the availability of Xtend, and improvement on the Java language, that remains compatible. See the video below, and check out the Xtend website to see for yourself, how Xtend embraces Java, while improving it readability and adding a number of nifty features, some of which programmers like in Smalltalk, Perl, and PHP.

Xtend Intro from Xtext Team on Vimeo.

How to install Tomcat 6 on RHEL 6 or CentOS 6

Here are some steps to install Tomcat 6 on Red Hat 6 (or CentOS 6).


First we are going to prepare the repository:

yum install yum-priorities
rpm -Uvh http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
rpm -Uvh http://mirrors.dotsrc.org/jpackage/6.0/generic/free/RPMS/jpackage-utils-5.0.0-7.jpp6.noarch.rpm

Next we will install Java and Tomcat 6:

yum -y install java
yum -y install tomcat6 tomcat6-webapps tomcat6-admin-webapps

Finally we can launch Tomcat 6:

service tomcat6 start

To connect to Tomcat, just browse to port 8080 on the server, for example:

Here are a couple of diagnostic commands to test that Tomcat is running:

# service tomcat6 status
tomcat6 (pid 17318) is running... [ OK ]
# netstat -nlp|grep 800
tcp 0 0* LISTEN xxxxx/java
tcp 0 0* LISTEN xxxxx/java
# netstat -nlp|grep 8080
tcp 0 0* LISTEN xxxxx/java

File Structure

The Red Hat file structure is different than the default file structure Tomcat 6 has when installing from source. Here is the file structure that is used when installing with this method:

/etc/tomcat6 (this is where the main tomcat config files reside)
/var/lib/tomcat6 (this is where you will add and/or change most of your files)

Here is an article that explains how to add support for JConsole debugging and/or monitoring to Tomcat:

Installing a Secure Certificate on IBM Smart Business Server (VERDE)

At the time of this writing, the IBM Smart Business Server’s control panel doesn’t allow importing a secure certificate (SSL cert). Never-the-less it is possible to install a valid (CA signed) secure certificate from the command line. This article assumes that the reader is familiar with SSL and the basic SSL KEY, CSR, and CRT generation step. We are therefore picking up at the point where you have an SSL KEY as well as an SSL CRT. You will also need a machine that has openssl installed (any Linux or Mac box will do). In fact the smart business server itself has openssl installed, as well as keytools, so all the steps can be performed directly on the smart business server.

Please note that this is a draft document, and work in progress. At this time only the public facing websites have been successfully set up with a CA signed certificate.

  • The Apache configuration file for the setup wizard is:/etc/apache2/httpdWSW.conf
  • The Apache configuration file for the intranet is here:/etc/apache2/httpdInt.conf with the corresponding SSL configuration here: /etc/apache2/extra/httpdInt-ssl.conf
  • First copy the new key and cert (in the same file, key goes on top and then the cert) into /etc/opt/ibm/bbp/smartcontainer/httpdWSW.cert
  • (Optional, this step hasn’t been successfully tested, because a non-RFC compiant method is used.) To create an RFC compliant PKCS8 version of the key pair where the intranet config file is expecting it:
    cd /etc/opt/ibm/bbp/
    openssl pkcs8 -topk8 -inform PEM -nocrypt -in smartcontainer/httpdWSW.cert -out PKCS8.cert
  • Make sure the CA bundle is made available and properly reference in the above mentioned config files (cp path/to/sf_bundle.crt smartcontainer/)
  • Create a PKCS12 version of your certificate:
    openssl pkcs12 -export -chain -CAfile sf_bundle.crt -in '<your>.crt' -inkey '<your>.key' -out PKCS12.cert -name <name> -passout pass:111111
    (at the time of this writing, the default cert store password hard coded in the VERDE install is 111111)
  • Location of the Java SSL Keystore: /etc/opt/ibm/bbp/SSLkeystore
  • Location of the [SAFEv3] encription tool:/opt/ibm/bbp/saf/encryptPassword.sh
  • Password retrieval command:/opt/ibm/bbp/saf/lib/security/manageAdminCreds -f get -a JavaKeyStore2048BitKey -i 1
  • Create a new keystore based on the PKCS#12 cert:
    keytool -importkeystore -destkeystore SSLkeystore.new -srckeystore PKCS12.cert -srcstoretype PKCS12 -alias <common_name_of_SSL_cert>
  • Update the Keystore configuration reference in /opt/ibm/bbp/saf/cfg (use the password retrieved above).
  • Copy the PKCS#12 cert to the VERDE Tomcat cert store:
    cp PKCS12.cert /var/lib/verde/host.p12
    cp /var/lib/verde/host.p12 /usr/lib/verde/etc/host.p12
    (Make sure you save your previous copies of any file you modify.)

At this point, you have to restart the system, to make sure that all public services get the proper certificate loaded on boot. If you prefer, you can restart the services:

  • /etc/init.d/lwi restart
  • /etc/init.d/simpleAgent_d restart
  • restart the VERDE software from the web console


  • http://conshell.net/wiki/index.php/Keytool_to_OpenSSL_Conversion_tips
  • http://cunning.sharp.fm/2008/06/importing_private_keys_into_a.html
  • Many thanks to the bISV IBM support team

Sametime 8.5.1 Deployment

To deploy a Sametime environment with multiple levels of licensing, multiple Sametime servers with each respective license versions needed (Entry, Standard, etc.). The Sametime wiki has a number of useful resources to plan out a complex Sametime deployment:

  • http://www-10.lotus.com/ldd/stwiki.nsf/page.xsp?documentId=6F6353B28F5FB51185257775007AC431&action=openDocument
  • http://www-10.lotus.com/ldd/stwiki.nsf/dx/1.3_Lotus_Sametime_product_family
  • http://www-10.lotus.com/ldd/stwiki.nsf/xpViewCategories.xsp?lookupName=Learning%20Center

And here are some documents that delve into the details:

  • http://www-10.lotus.com/ldd/stwiki.nsf/dx/Chapter_2._Planning_a_Sametime_8.5.1_deployment
  • http://publib.boulder.ibm.com/infocenter/sametime/v8r5/index.jsp?topic=/com.ibm.help.sametime.v851.doc/plan/plan_topol_deploy.html

Verifying SSL Certificates


You have a few SSL cert files on your server, but you are not sure which one is the newest, or the right cert to use.


Look at the contents of a CSR

openssl req -noout -text -in [domain_name].csr

Where [domain_name].csr is the name of the CSR file.

Look at the contents of a certificate

openssl x509 -noout -text -in [domain_name].crt

Look at the MD5 fingerprint of a certificate

openssl x509 -fingerprint -noout -in [domain_name].crt

Check the private key, the CSR, and the signed cert

To check that the private key, the CSR, and the signed cert belong to the same set, you need to compare the MD5 outputs:

openssl rsa -noout -modulus -in [domain_name].key |openssl md5
openssl req -noout -modulus -in [domain_name].csr |openssl md5
openssl x509 -noout -modulus -in [domain_name].crt |openssl md5

Java Shopping Cart and eCommerce Solutions

Java Shopping Cart Hosting

The need to host a shopping cart comes up on a regular basis. There are literally hundreds of very good solutions out there. Here is a list of carts that satisfy the following criteria:
– configurable
– customizable
– embeddable
– has a flexible API
– compatible with IBM DB2
– scalable
– reliable

With these requirements, Java EE is a good technology to settle on, hence the need to find Java Shopping Cart Hosting.

Java Shopping Cart Hosting – Ready to Go Solutions

The following products have been identified as viable solutions for Java Shopping Cart Hosting deployments:

  • http://www-01.ibm.com/software/genservers/commerce/express/
  • http://www.softslate.com/
  • http://ofbiz.apache.org/
  • http://www.shopizer.com/
  • http://www.jadasite.com/
  • http://www.openedit.org/
  • http://www.konakart.com/
  • http://www.avetti.com/
  • http://allbinary.appspot.com/Weblisket.jsp

Java Shopping Cart Hosting – Tutorials

There are also a couple good tutorials we found that would walk you through how to create a shopping cart from scratch to embed into an existing application:

  • http://www.ibm.com/developerworks/library/j-ajax1/
  • http://www.tech-freaks.in/Java-Programming/JSP-Servlets/shopping-cart.html

Any of the above is supported in our Managed Hosting environment for a successful Java Shopping Cart Hosting deployment.

Online fax service with SSL API


You need to create an online application that is capable of sending a FAX securely (PCI, HIPAA or other compliance).


After trying trustfax and eFax, neither of which has a secure API, Ralph found that Metro Fax has a SSL API for developers and the cost is reasonable.

The following SDK as well as some supporting documentation below will help you get started: WsfSDK

The MetroFax webservice gateway is available at:


And there is supporting documentation (NDoc) available below:


The attached SDK contains sample implementations of numerous common methods.

Installing Informix IDS 11.x on Mac OS X


Installing IDS 11 on Mac OS X


After installing the server, update the sqlhosts file and replace the default host name by * so that the server listens on all IPs. The sqlhosts file may be names sqlhosts.ol_server_name, and its contents would look like:

ol_server_name onsoctcp * ol_server_name
dr_server_name drsoctcp * dr_server_name


When IDS 11 is officially released, more information will be published here. For now, the following links have pointers:

Migrating Data to DB2 9.7 LUW


You reached the limit or your unhappy with the performance or features of your database server, and you want to move to DB2. The transition can be simple with respect to your code, as it may be just a matter of changing a few lines of code for the connection string, and setting the correct compatibility mode in DB2. But how do you move your data?


IBM has published a data migration toolkit, that has been updated to work best with DB2 9.7. Make sure you have service pack 2 installed, which is the latest service pack available as of this writing.

If you are migrating from MySQL or PostgreSQL, enable the ability to do limits and offsets in the where clause with:
db2stop force
echo Set compatibility to 01 or 0F