wachid web id

cd /opt/jdk1.8.0_171/
alternatives --install /usr/bin/java java /opt/jdk1.8.0_171/bin/java 2
alternatives --config java


There are 3 programs which provide 'java'.

  Selection    Command
-----------------------------------------------
*  1           /opt/jdk1.7.0_71/bin/java
 + 2           /opt/jdk1.8.0_45/bin/java
   3           /opt/jdk1.8.0_144/bin/java
   4           /opt/jdk1.8.0_171/bin/java

Enter to keep the current selection[+], or type selection number: 4

alternatives --install /usr/bin/jar jar /opt/jdk1.8.0_171/bin/jar 2
alternatives --install /usr/bin/javac javac /opt/jdk1.8.0_171/bin/javac 2
alternatives --set jar /opt/jdk1.8.0_171/bin/jar
alternatives --set javac /opt/jdk1.8.0_171/bin/javac

java -version

java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)

This is the link of tutorial how to change faskes 1 of bpjs

https://youtu.be/sPwxBqsK_uo

• Root CA Certificate - AddTrustExternalCARoot.crt
• Intermediate CA Certificate - COMODORSAAddTrustCA.crt
• Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
• Your PositiveSSL Certificate - www_example_com.crt (or the subdomain you gave them)

haproxy -c -V -f /etc/haproxy/haproxy.cfg

Before exclude add trust external certificate

Creating a dot pem File

SSL .pem files (concatenated certificate container files), are frequently required for certificate installations when multiple certificates are being imported as one file.

This article contains multiple sets of instructions that walk through various .pem file creation scenarios.

Creating a .pem with the Entire SSL Certificate Trust Chain

Log into your Comodo Management Console and download your Intermediate (COMODOCA.crt), Root (addtrustexternalcaroot.crt), and Primary Certificates (your_domain_name.crt).

Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

The Primary Certificate - your_domain_name.crtThe Intermediate Certificate - COMODOCA.crtThe Root Certificate - AddTrustExternalCAROOT.crt

Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN CERTIFICATE----- 
(Your Primary SSL certificate: your_domain_name.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Intermediate certificate: COMODOCA.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Root certificate: AddTrustExternalCAROOT.crt) 
-----END CERTIFICATE-----

Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

Creating a .pem with the Server and Intermediate Certificates

Log into your COMODO Management Console and download your Intermediate (COMODOCA.crt) and Primary Certificates (your_domain_name.crt).

Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

The Primary Certificate - your_domain_name.crtThe Intermediate Certificate - COMODOCA.crt

Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN CERTIFICATE----- 
(Your Primary SSL certificate: your_domain_name.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Intermediate certificate: COMODOCA.crt) 
-----END CERTIFICATE-----

Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

Creating a .pem with the Private Key and Entire Trust Chain

Log into your COMODO Management Console and download your Intermediate (COMODOCA.crt) and Primary Certificates (your_domain_name.crt).

Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

The Private Key - your_domain_name.keyThe Primary Certificate - your_domain_name.crtThe Intermediate Certificate - COMODOCA.crtThe Root Certificate - AddTrustExternalCARoot.crt

Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN RSA PRIVATE KEY----- 
(Your Private Key: your_domain_name.key) 
-----END RSA PRIVATE KEY----- 
-----BEGIN CERTIFICATE----- 
(Your Primary SSL certificate: your_domain_name.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Intermediate certificate: COMODOCA.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Root certificate: AddTrustExternalCARoot.crt) 
-----END CERTIFICATE-----

Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

How to Disable and Re-enable SSL 3.0 in Firefox?

POODLE vulnerability in SSLv3 is a major security risk and you should take immediate action by disabling SSL 3.0 in your web browser. This article will show you how to turn off or disable SSL 3.0 in Mozilla Firefox. Also learn, how to temporarily enable SSLv3 in Firefox.

Secure Sockets Layer (SSL) is a cryptographic protocol that ensures communication security over the Internet. Back in 2014, Google discovered a vulnerability in SSL 3.0. Named “POODLE”, the vulnerability can be exploited to steal various confidential information, including passwords and cookies. So, SSL 3.0 is now officially insecure. Websites and browsers are urged to turn off SSLv3 and use modern protocols such as Transport Layer Security (TLS).

Disable SSLv3 in Firefox:

SSLv3 is disabled by default since Firefox 34. If you are using an older version of Firefox, follow the steps mentioned below to disable SSL 3.0 and secure your browser.

Open Mozilla Firefox browser.In the Location Bar, enter about:config and press the enter button (or click the arrow symbol in the location bar).You’ll receive following warning message: “This might void your warranty”. Click I’ll be careful, I promise!.In the Search box under about:config, type tls and some results will appear.From the results, find preference named security.tls.version.min and double click on it. The Enter integer value window will appear. Enter 1 and press OK button.Next step is to enable default maximum supported TLS version (TLS 1.2). Find preference named security.tls.version.max and double click on it. Enter 3 as the integer value and press OK.

That’s it! You have successfully turned off the SSL 3.0 protocol in your Firefox browser.

The preference security.tls.version.min specifies the minimum required protocol version, while the security.tls.version.max denotes the maximum supported protocol version. Integer value for the both preferences can range from 0 to 3. 0 means SSL 3.0; 1 means TLS 1.0; 2 means TLS 1.1 and 3 means TLS 1.2. In the above mentioned guide, we used integer value 1 for security.tls.version.min. That means TLS 1.0 is the minimum supported protocol in your browser. And a value of 3 for preference security.tls.version.max means, your browser supports encryption protocol up to TLS 1.2.

How to enable SSL 3.0 in Firefox?

Considering the seriousness of the POODLE vulnerability, I’d never suggest anyone to enable SSLv3. Do you want to re-enable SSL 3.0 for testing purpose or for visiting a certain website? If yes, follow the steps below to enable SSLv3 in Firefox.

Open Firefox browser.Enter about:config in the location bar and press the enter button.When the warning message appears, press I’ll be careful, I promise! button.Go to the Search box inside about:config and type tls.Find preference named security.tls.version.min, double click on it.Enter 0 in the integer value box and press OK button.

That’s all! By setting 0 as value of security.tls.version.min, you have successfully re-enable SSLv3 in Mozilla Firefox. Don’t make it permanent. Reset or the value for security.tls.version.min or re-enable SSL 3.0 once you are done with your testing.

Summary

df -k [FILESYSTEM] to find out existing filesystem usage and LV for that filesystem
lslv [LVNAME] to find out VG for that LV
lsvg [VGNAME] to find out how many PPs are free
chfs -a size=[size setting] [FILESYSTEM]to grow the filesystem

If your chfs command above errors out with 0516-787 extendlv: Maximum allocation for logical volume LVNAME is NUMBER, then you need to: chlv -x [num] [lvname]

df -k [FILESYSTEM] to see changes made

Our /home directory reached 90%

# df -k /home
Filesystem 1024-blocks Free %Used Iused %Iused Mounted on
/dev/hd1 2097152 218780 90% 25894 30% /home
#

Do we have enough space available in VG to expand?

Find out the VG.

# lslv hd1
LOGICAL VOLUME: hd1 VOLUME GROUP: rootvg
LV IDENTIFIER: 0007b8420000d9000000011f2491100e.8 PERMISSION: read/write
VG STATE: active/complete LV STATE: opened/syncd
TYPE: jfs2 WRITE VERIFY: off
MAX LPs: 512 PP SIZE: 128 megabyte(s)
COPIES: 1 SCHED POLICY: parallel
LPs: 20 PPs: 20
STALE PPs: 0 BB POLICY: relocatable
INTER-POLICY: minimum RELOCATABLE: yes
INTRA-POLICY: center UPPER BOUND: 32
MOUNT POINT: /home LABEL: /home
MIRROR WRITE CONSISTENCY: on/ACTIVE
EACH LP COPY ON A SEPARATE PV ?: yes
Serialize IO ?: NO
#

How much space is available in the VG?

# lsvg rootvg
VOLUME GROUP: rootvg VG IDENTIFIER: 0007b8420000d9000000011f2491100e
VG STATE: active PP SIZE: 128 megabyte(s)
VG PERMISSION: read/write TOTAL PPs: 599 (76672 megabytes)
MAX LVs: 256 FREE PPs: 282 (36096 megabytes)
LVs: 13 USED PPs: 317 (40576 megabytes)
OPEN LVs: 11 QUORUM: 2 (Enabled)
TOTAL PVs: 1 VG DESCRIPTORS: 2
STALE PVs: 0 STALE PPs: 0
ACTIVE PVs: 1 AUTO ON: yes
MAX PPs per VG: 32512
MAX PPs per PV: 1016 MAX PVs: 32
LTG size (Dynamic): 256 kilobyte(s) AUTO SYNC: no
HOT SPARE: no BB POLICY: relocatable
#

Use chfs command to expand

Examples

chfs -a size=3G /home
chfs -a size=3000M /home
chfs -a size=+1G /home
chfs -a size=+500M /home

What those mean

The “M” stands for megabytesThe “G” stands for gigabytesThe “+” is relative sizing: change the current amount by adding this muchWithout the “+” is absolute sizing: change the current amount TO this muchNOTE: You can use “-” to decrease a filesystem size. Generally speaking for LVs, it is harder to shrink a filesystem. Sometimes it cannot be done while the filesystem is mounted, and sometimes depending on fragmentation it may not be able to be done at all. I have found AIX to be more robust in this department than various Linux LVM implementations. Generally speaking, though, when you increase your filesystem size, it is best to think of it as permanent .. (for the most part).

From the chfs man page …

If Value has the M suffix, it is interpreted to be in Megabytes. If Value has a G suffix, it is interpreted to be in Gigabytes. If Value begins with a +, it is interpreted as a request to increase the file system size by the specified amount. If the specified size is not evenly divisible by the physical partition size, it is rounded up to the closest number that is evenly divisible.

My example.. Change to absolute size 2.5G or 2500M

# df -k /home
Filesystem 1024-blocks Free %Used Iused %Iused Mounted on
/dev/hd1 2097152 218780 90% 25894 30% /home
# chfs -a size=2500M /home
Filesystem size changed to 5242880
# df -k /home
Filesystem 1024-blocks Free %Used Iused %Iused Mounted on
/dev/hd1 2621440 742988 72% 25894 13% /home
#

If chfs errors with 0516-787: extendlv: Maximum allocation (etc)…

If you get an error like:

0516-787 extendlv: Maximum allocation for logical volume vg01vol1
is 512.

This means that you have hit the limit on the LV of how large you can make it.

The first time I hit this error I almost had a heart attack. Fortunately, you can extend this very easily either using chlvor smitty

In this example I was trying to expand my LV (mydatalv01) to 600 PPs and the limit was 512 PPs

# chlv -x 600 mydatalv01

After that you can then do your chfs command

# chfs -a size=+25G /mydata01

In smitty:

smitty chlv -> Change a Logical Volume -> [ENTER] -> LOGICAL VOLUME name -> [F4]

And from there you can change LV properties.

DONE!