Merry Christmas and Happy Holidays! We have an extra long and fun episode this week but you may want to listen to this it twice 🙂 In Episode 8, we dive into PeopleTools 8.55 and get hands-on! We talk about our first experiences with the PeopleTools DPK’s, changes to Change Assistant… Read More »#8 – PeopleTools 8.55 Hands-on
Let’s Encrypt is a service provided by the Internet Security Research Group to provide free SSL certificates to anyone. The goal of the project is get the entire web encrypted. I mentioned the project in Episode 7 of The PeopleSoft Administrator Podcast and thought it would be a great exercise… Read More »Let’s Encrypt with PeopleSoft
In Part 1, I showed how to use Smart Update to patch WebLogic. Starting with WebLogic 12.1.2, OPatch handles all the pacthing. Let’s walk though using OPatch to update WebLogic to fix the latest vulnerability. OPatch is included in the WebLogic install, so everything you need to apply patches is… Read More »How to Apply WebLogic Patches – Part 2
With the recent attacks on SSL, WebLogic and Java, I wanted to give an overview on how you patch Java for your WebLogic instances. When you install WebLogic, it asks you for the location of your Java Home. Then, every web server instance you create uses that Java Home. Unless… Read More »How to Patch Java in WebLogic
Oracle has released a patch for the latest CVE against WebLogic, so I wanted to walk though the steps to apply the patch to WebLogic and show how to use Smart Update. Smart Update is the utility used by WebLogic to apply patches to your installation. UPDATE 12/8/2015 Thanks to… Read More »How to Apply WebLogic Patches
Setting up Load Balancing is common for production systems. Lately, I have seen a few organizations set up their load balancing so they end undoing all their good intentions. At the top of the infrastructure is a smart device, the load balancer, that can look at traffic and the servers… Read More »Smart v. Dumb Load Balancing
In episode 4, Dan and Kyle talk about Demo environments and why the traditional need for Demo’s may change, the PeopleSoft Update Manager, and how to manager PeopleSoft Images. We also discuss the recent WebLogic vulnerability, and ask for input on our upcoming Tools and Documentation podcast. We want to… Read More »#4 – Demo’s, PUM and PI
In episode 3 of The PeopleSoft Administrator Podcast, Dan and Kyle talk about HTTPS. We discuss what HTTPS is and how to implement HTTPS with WebLogic. Dan shares how to mitigate against the newer SSL attacks, and tips and tricks to help manage certificates and simplify configuring HTTPS. We also… Read More »#3 – HTTPS and WebLogic
Oracle released a WebLogic security alert (CVE-2015-4852) yesterday that affects the T3 and T3S protocol. The patch will be released soon, but there are some steps you can take to mitigate the vulnerability. If you aren’t familiar with the T3 protocol, it is used to communicate between the JVM and… Read More »WebLogic Security Alert
As many of you have probably heard, there has been much discussion this year regarding vulnerabilities in PeopleSoft’s PS_TOKEN. The talk all started after a presentation from ERPScan, which basically said that a PeopleSoft node’s password can be gained by brute force against a PS_TOKEN. This would allow someone to… Read More »Disabling PS_TOKEN with PSEatCookies Filter