Thursday, December 15, 2011

SSL Decryption using wireshark

Many WebSphere key and trust stores are in p12, JKS or CMS format.  To extract the private key using openssl, you need the file in an appropriate format.  You cannot extract the key using iKeyman.  For JKS files, use iKeyman to export the key to a PKCS12 key store.  Once you have a PKCS12 key store, use the following command to extract the private key from it:
openssl pkcs12 -in waskey.p12 -out privateKey.pem

Extract the public client cert from waskey.p12:
openssl pkcs12 -in waskey.p12 -clcerts -nokeys -out server.pem

Then remove the private key password using:
openssl rsa -in privateKey.pem -out private.pem

You should now have a waskey.p12, a server.pem and a private.pem.

Now you can use openssl to start an SSL server that listens on port 4433:
openssl s_server -www -cipher AES256-SHA -key privateKey.pem -cert server.pem

Using default temp DH parameters
ACCEPT

In Wireshark go to:
Edit > Preferences
Select Protocols in the drop-down list and select SSL.

In the RSA key list enter (the key name is case sensitive):
127.0.0.1,4433,http,/tmp/ssl/privateKey.pem

Open a browser to https://localhost:4433/

In Wireshark select one of the TLS protocol packets, right-click and select Follow SSL Stream.  You should see the unencrypted data.  Right-click again and select Follow TCP Stream; you should see the encrypted data.
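
The extraction steps above, rehearsed on a throwaway keystore as an added example (not from the original post): it runs the same openssl commands non-interactively, then checks that the resulting key is passphrase-free and matches the certificate before it goes into Wireshark's RSA key list. The password, the self-signed certificate, the function names and the use of -nocerts are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. The keystore, password and
# function names are constructed for the rehearsal.
PW=changeit   # constructed password for the sample keystore

# Build a stand-in for waskey.p12 from a self-signed RSA certificate.
make_sample_p12() {  # $1 = working directory
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=localhost" \
        -keyout "$1/gen.key" -out "$1/gen.crt" 2>/dev/null &&
    openssl pkcs12 -export -inkey "$1/gen.key" -in "$1/gen.crt" \
        -out "$1/waskey.p12" -passout "pass:$PW"
}

# The page's three commands, made non-interactive with -passin/-passout.
# -nocerts is an addition here: it keeps certificates out of the key file.
extract_from_p12() {  # $1 = working directory
    openssl pkcs12 -in "$1/waskey.p12" -nocerts -out "$1/privateKey.pem" \
        -passin "pass:$PW" -passout "pass:$PW" 2>/dev/null &&
    openssl pkcs12 -in "$1/waskey.p12" -clcerts -nokeys -out "$1/server.pem" \
        -passin "pass:$PW" 2>/dev/null &&
    openssl rsa -in "$1/privateKey.pem" -out "$1/private.pem" \
        -passin "pass:$PW" 2>/dev/null
}

# Succeeds only if the key file is unencrypted and matches the certificate.
key_ready_for_wireshark() {  # $1 = key PEM, $2 = certificate PEM
    if grep -q ENCRYPTED "$1"; then
        echo "$1: still passphrase-protected" >&2; return 1
    fi
    k=$(openssl rsa -in "$1" -noout -modulus 2>/dev/null) || return 1
    c=$(openssl x509 -in "$2" -noout -modulus 2>/dev/null) || return 1
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Rehearsal run on the constructed keystore.
dir=$(mktemp -d) && make_sample_p12 "$dir" && extract_from_p12 "$dir" &&
    key_ready_for_wireshark "$dir/private.pem" "$dir/server.pem" &&
    echo "private.pem is unencrypted and matches server.pem"
rm -rf "$dir"
```

The check covers the key file only. The capture decrypts with this key because the page's s_server command pins AES256-SHA, an RSA key-exchange suite; sessions negotiated with DHE or ECDHE suites cannot be decrypted from the server's private key.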

Monday, December 5, 2011

WAS 8.5 Liberty Project - JSF

Configuring the Oracle javaee6 tutorial - hello1 JSF test application on WAS 8.5 may result in the following exception:

javax.validation.ValidationException: Could not create Configuration.
Caused by:
java.lang.IndexOutOfBoundsException - Index: 0, Size: 0

This is because WAS Liberty does not support bean validation.

So you cannot do things like this in your managed bean classes:
@Size(min = 1, message = "Please enter the Email")
@Pattern(regexp = "[a-zA-Z0-9]+@[a-zA-Z0-9]+\\.[a-zA-Z0-9]+", message = "Email format is invalid.")
private String email;


We need to disable bean validation in the JSF page. Follow these instructions to do so.

Firstly, ensure that the JSF core namespace is declared in the JSF page. The Oracle test page does not contain it.

index.html

was
<html lang="en"
xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html">
becomes
<html lang="en"
xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html">
and
<h:inputText id="username"
title="My name is: "
value="#{hello.name}"
required="true"
requiredMessage="Error: A name is required."
maxlength="25"
>
</h:inputText>
becomes
<h:inputText id="username"
title="My name is: "
value="#{hello.name}"
required="true"
requiredMessage="Error: A name is required."
maxlength="25"
> <f:validateBean disabled="true" />
</h:inputText>

Note:
xmlns:f="http://java.sun.com/jsf/core"
is required for the code
<f:validateBean disabled="true" />
to work because validateBean is in the core namespace.