Questions? Feedback? powered by Olark live chat software

Keith’s Top Ten List of Things Every IT Person Should Do to Stay On Top of Their Systems in the New Year

Happy New Year out there to all our faithful readers!  In the spirit of the New Year, I thought it would be wise to create my own top ten resolutions of Good and Responsible IT leadership.

I know most of you are thinking that *everyone* practices IT using all of the Best Practices and methods.  So Keith, why do I need to abandon my daily coffee and exciting game of digital solitaire.  The network is running just fine.  Well, my friend, I swear on my giant pink fluffy bunny slippers that not everyone is as responsible as you are.  So, let’s get to it.

My Top Ten List of Things Every IT Person Should Do to Stay On Top of Their Systems in the New Year

1.     Be aware of licensing changes to your software
Microsoft and other vendors are constantly changing license requirements.  Make sure you are educated in 2017.  There was a big change to Microsoft 2016 Windows Server licensing this year that is throwing a lot of people for a loop.  Instead of charging for CPU count, MS has decided to start charging per core in both SQL Server and Windows 2016 Server.

2.     Audit yourself or have someone else do it
Don’t be afraid to have someone come in and do an informal audit to make sure you are license compliant.  For many small businesses, this process can take less than a day.  However, it will make sure that some disgruntled employee doesn’t turn you in and get the license police knocking on your door.  The fines are excessive.

3.     Get your core systems current
I log into networks all the time that still have Active Directory 2003 servers and even 2008 versions.  Wow, really.  It’s 2016 and the AD upgrade path takes less than an hour.  Get your AD to 2012R2 or 2016 today.  Don’t delay.

4.     Get rid of those old switches
I constantly have people remark about the performance of their network.  When looking I find several old switches lurking about in closets or sitting on cabinets.  When we remove them from the equation, the whole network just leaps to its feet.  Just bite the bullet and get something modern.  If you have more than 3 switches, ask yourself, why aren’t you using 10GB or 40GB uplinks between them?  It’s not expensive anymore…so, take advice from Nike and Just Do It!

5.     Buy spare equipment …really….do this…yes, you, over there…do this!
Most of you out there have at least one mission critical piece of equipment that when it fails, your systems will be down for days or hours.  Buy a spare and put it on the shelf.  You don’t have to get an exact new, fancy version.  Just get something that will do what you need to run as a backup while the main one is getting replaced.  Also, refurbished is a good idea here.  For example, if you have a $10k firewall, get a $2k firewall that will run everything for your backup situation.  Configure it, test it, and put it on the shelf.  ‘Nuf said!

6.     Legacy NEEDS TO GO!
So many of us have old, legacy systems that need to go.  If you can, virtualize it and get rid of the hardware.  Then, make it your goal in 2017 to eliminate this as much as you can.  Legacy apps are getting harder and harder to support.  Find a newer, better application with support that can take you to the next phase in your business.

7.     Protect yourself especially with Email
Many of you have outdated or heaven forbid no decent email filtering solutions.  The Email virus payloads and Cryptoware delivery systems are getting more and more advanced, and poor uneducated end-users keep clicking links and costing you money and time.  If you invest in services like Barracuda Cloud Email Security, you can head this off significantly.  “But Keith, I host in Office 365, isn’t that protecting me.”  Unfortunately, no, that is an extra upcharge of $2/month for Microsoft’s malware security and so far, it’s not as good as others on the market.

8.     Discuss your Cloud Plan and get serious about it
Companies are starting to get a handle on how the cloud can help them move into the next generation of technology for business.  A good cloud strategy can help a company take advantage of extremely high-end services at a fraction of the price.  They can also cripple a company with mismanaged costs.  You need a cloud partner to navigate it.  Get one and get serious.  If you don’t have one, call us…you know, because…it’s what we do.

9.     Educate your people
Your customers are your end-users.  If they are educated, then IT works better and your job gets easier.  If you are an end-user reading this article, then get educated yourself.  There are tons of free information that will help you to become street smart on the Net.  Use this material and get smart.  Start here:  http://knowbe4.com

10.   Plan better and find good Partners
Many of us live in a constant state of reaction.  We run around with our hair on fire trying to chase down all of the issues on a daily basis.  We often don’t have time to tackle the big projects because the daily grind keeps us down.  Find a good partner and make a plan to get the small and big projects done.  A good partner will work with you to improve your network, software, and systems and provide some extra support when the fires are burning a little too hot.

When you plan, give yourself room for things to take longer than you think they should.  Remember, quality in IT really matters.  It needs to be done right or you will have even more fires to chase as time goes by.

Make a plan, make a list, and get proactive.  You will sleep better.

Data Security in the Information Age

Well, once again it is that time of year where ghosts, ghouls, and Spider-man roam the streets for candy.  This Halloween, I dressed fashionably as Sherlock Holmes with pink, fuzzy Bunny slippers.  I tried to get my wife to go as Watson, but the look I received had me shivering in my boots reminding me that there are so many kinds of fear. I don’t think she appreciated my dedication to the Holmes-ian lore.  So, while I was passing out candy, I pondered that many of us might be getting goosebumps from all of the Hacking going on in the world

This led me to ask the question.  Why is security such a nightmare?!?  Most of us find ourselves beholden to Windows Updates, Antivirus Updates, Anti-Spam updates, and Email Spam filter systems.  In the pool of never-ending updates, sometimes we feel as though we don’t truly have a grip on the state of our own security.

If you don’t run a modern security tool, you live in Cyber-fear.  Today we live in the age of Cyber-warfare.  China hacks the US…the US hacks China…Russia hacks the US…we hack back…and everyone disavows that any of this is actually going on.  It can make you feel pretty powerless.

However, the one thing *every* hack has in common is lack of preparation and carelessness.

So…Let’s break it down.

Just like in any crime, criminals need a door (or a Window).  People who wish to steal or harm in the cyber-world need an entrance.  Don’t give them one.

  1. Have a proven Anti-virus application.  Yes, free ones are just fine.  AVAST, AVG, etc.  All are good choices.  A good A/V isn’t 100% fool proof, but it will let you know if something isn’t quite right.
  2. Know yourself and the people you interface with. A lot of bad guys come in through email by sending unsuspecting users emails that trick them into going somewhere on the Net they wouldn’t normally go.
  3. Use LOW TECH. If you get a suspicious email, before you open it, text your buddy or give them an old fashioned phone call to see if it is legitimate.  This is especially important if it is outside of their normal behavior.
  4. Be extremely careful on networks you don’t know. If you travel, don’t just use any WIFI.  If you are visiting a Hotel, make sure you are using only their WIFI and that they provide the password to you.  Rouge WIFI in a public place is a common hacker trick.  They setup an access point and pretend to be the hotel.  If you get a funny feeling, don’t ignore it.  Use your Cell Phone in HotSpot mode.  Be safe.
  5. Use encryption. If you travel and use networks other than work, home, or school, you must use encryption.  If your email client isn’t setup to use Encryption, then remove the account and set it back up with encryption.  Hackers steal passwords over unencrypted email all the time.  If you run Exchange, you are already protected.  If you use another email program, make sure you checked the SSL or TLS box when setting up email.  This is especially important on your phones as well.  If you don’t know, Ask your friendly neighborhood IT guy or gal.
  6. Do not download stuff you wouldn’t otherwise. No matter who tells you.  Vet it thoroughly.  You know what tools you need.
  7. Don’t be Social Engineered. There is a rash of calls where people are calling folks and pretending they are Microsoft and they need to go download some tool for them to get protected.  They then find out they are “infected” and have to spend $50 – $100 for the tool to save them.  “Hmmm….I don’t think I had a virus until I downloaded the tool you gave me….Wait a minute?!??!”  If you don’t know what Social Engineering is, go read a lot about it…TODAY!

A lot of you out there reading this article will think that you aren’t worth hacking and even if you do get hacked, there is nothing of value.  Just a bunch of the photos of the kids.  Don’t be fooled.

If you work for a small dry cleaning firm and work with the customer list, how much is that customer list worth and to whom.  It might not seem like much to you, but your competitor across town might pay a pretty penny for that list.  Yes, that makes you a prime target …. for someone.

In Information Age, it’s all about information.  Yours, mine, even your mother-in-law’s.  Information is power.  Protect it.  If you ever doubt the power of information, just ask Google.

Windows Server 2016 – The Next Generation

Windows Server 2016-The Next Generation!

LivelongI woke up this morning and was on my way to the gym when I received an annoying alert on my phone announcing Microsoft’s Product Announcement for Windows Server 2016.

It’s finally here.  Windows the Next Generation!”  Really!?!  All that was missing was the 1970s chic product gal with the glittering smile.

We just can’t wait to tell you how great it is and all the cool new things we have added to make your life simpler, faster, and better.  Somehow, I think I have been here before.

Windows the Next Generation…. hmmm.  As I sit here writing this article sipping on a cool Texas glass of Iced Tea, I can’t help but wonder how we’ve gotten here.  Travel with me back to a simpler time.

I can remember when Microsoft Windows was a simple tool that crashed daily.  You often had break out your 14, 3.5 inch floppy disks for a reload of a patch.  For those of you who are old enough, you might even remember the good old days of Windows NT in 1995.  They told me it was Windows the New Technology (NT).  Sounds an awful like the Next Generation, just without the Borg and Captain Picard!  My first experience with Windows NT involved a lot of rebooting, reinstalling, rebooting, reinstalling, and reinstalling some more.

But I digress.  Today I was just given the news that as of October 15th we will be able to download and install Windows Server 2016.  This means that those of you have been putting off your Windows Server Technology upgrades and are still running on Windows 2003.. are now officially running a 13 year-old operating system.

I wonder how many of you still have a 13-year-old refrigerator or drive 13-year-old cars?

Like a lot of Technology improvements Windows touts Server 2016 as the next best thing, but is it really?  One thing is for certain, if you are running 2003 or 2008 it’s time to come out of the closet, pull up your shorts, and move into the 21st century!

So ultimately, why do we care about Windows Server 2016?   The driving factor to move to a new Operating System has been largely driven by security concerns for the last several years.

In the end, an upgrade grants us new features, improvements, and even new tools.  Those alone don’t push people to do upgrades. However, if you can prevent the latest Chinese hacker from remoting into one of your systems, it’s an investment well worth it.

So, even if Windows Server 2016 isn’t the best, baddest, and meanest.  You need to be involved.  Your technology health is critical.  So get on board.  The news is filled with headlines like “Yahoo compromised and 500,000,000 accounts stolen.”  Don’t be the victim.

After all, new technology is the first line of defense against the new threats in the 21st century.

–Keith

The Mindset Behind Aging Infrastructure

Today I was sitting at my desk in my cargo shorts and bunny slippers when one of my long term clients called to talk about their aging infrastructure.

TH and SlippersNow most of you know that I do my best thinking in bunny slippers, so he couldn’t have called at a better time. The conversation was light and pleasant with a lot of phrases like “treated me right”, “been great for my business”, “perfectly good gear”, and the famous: “if it ain’t broke, don’t fix it”.  But yet, here we were, on the phone discussing the life and times of 8-year-old server technology!

So, why were we discussing the infrastructure if it was “perfectly good gear”?

Simply put, reality had set in.  While the general feeling of nostalgia ruled the conversation, it belied the hidden issues that had been ongoing for the better part of 2 years.  They were spending a significantly larger amount of money on a monthly basis with our firm and other vendors just keeping the technology running.  Yet, this was not enough to make him want to pull the plug.  (I found that interesting, because I like saving money.)

Like I said, reality is a harsh mistress.  Customers were asking my client to produce reports and data that their systems simply couldn’t provide.  Running reports and data analysis brought the systems to their knees causing a real concern that they couldn’t keep up with the demands from their customers. This customer-facing challenge was enough to get the ball rolling and to start the conversation about how to get out of aging infrastructure and what kind of impact that would have on the business.

I am thankful for that demanding customer for getting my client to move out of ancient technology into the modern world.  However, as a professional, it leads me to ponder how easy it is for business owners and decision makers to get stuck in the technology rut. I have this conversation often and the reality is never as simple as the platitudes provided.  Most of the time, the reason people hesitate moving is simply… Change Is Hard!

With Change, a company has to change their software, systems, and licensing.  Sometimes this means training and new vendors.  New client tools, new Desktop PCs, new, new new….. New means that you can’t do everything the way you were used to.  It’s no longer the comfy leather recliner in the den.  It’s a new post-modern era sofa with leopard print…ok, bad analogy…but you get the idea.

Change Is Hard  – but it doesn’t have to be!  Really! tWhen was the last time you bought a new car and wished for the good ol’ days of crank-up windows? (I don’t know anybody that liked those things and the Drive-Thru was just painful!)  Upgrading to the nice new car smell is never a bad thing.

So, why does everyone think technology changes have to be akin to walking on hot coals or pokers in the eye?

Let’s change the conversation and the mindset.  Anticipate the future role of technology in your business with an open mind, good planning, great technology partners, and looking forward to better ways of doing things.  Time doesn’t stand still and neither should you.

Look FORWARD for your better tomorrow!

Buying the Right Technology… Classes of Gear for Business!

This quarter has been brisk helping clients with updates and upgrades to their hardware and systems.  In today’s world of IT, there are a plethora of choices.  Clients often ask me: “Keith, how do I know what to buy?  I know we need to upgrade, but vendors are quoting systems that simply leave me confused.” So, I thought it was time to help provide you (our loyal readers) the inside scoop on how to understand technology buying options and product lines.

Should I buy the Chevy or the BMW?

First, you have to understand that manufacturers of technology aren’t that much different than car manufacturers.   At some point or another, all of us have had to buy a car (or if you live in Texas … a Truck).  The first time we buy a car, we often are budget conscious and steer toward the lower models with cloth seats and few options.  Later in life, as we get more successful, we often choose more upscale models with more features and better options.  I don’t know about you, but I definitely prefer power windows, key-less entry, and push button start over my old manual, hand-crank windows.

Businesses do the same thing.  When they first start out, they often make poor technology choices in order to keep costs low.  Some of them realize that these choices are temporary, but many do not.  As their businesses grow, they still keep making the same poor technology choices without realizing that better options always exist.

Classes of Technology

The best way to think about your technology for your business is to truly understand the market. Traditionally, there are three main tiers of technology in the market place.  The lines have begun to blur in a few market-spaces, but ultimately the three tier rules still apply.

The Three Tiers of Technology

  • SOHO
  • Mid-Tier/Business Class
  • Enterprise

SOHO – Small Office / Home Office – (run, run away)

SOHO technology is where a lot of business go horribly wrong.  SOHO technology options are readily available at Best Buy, Staples, Fry’s, Microcenter, or any of your other favorite retailers.  Unless you are a startup running out of your garage, you should *never, ever, ever, ever, ever* run your business on SOHO gear.  Feel free to buy this stuff for your home office, but don’t run essential business operations on something you purchase from retail.  The quality/support just isn’t there.

Mid-Tier/Business Class Gear – (fits like your favorite soft, fluffy bunny slippers)

Most SMB/Medium-sized business clients should live here.  Mid-Tier technologyoptions are unlimited from good quality manufacturers and will typically give you 3-5 years of lifetime with little to no trouble.  There are many technologies (like switches, firewalls, and routers) that might get your business 7 years of use for only a few hundred dollars more than its small business counterpart.  This technology (with a few exceptions) is only available online or direct from the manufacturer.  You should be working with a good SMB Vendor/Partner (be sure to confirm their technology architecture experience!) to help you get the best gear for your dollar.  For the savvy IT Manager or business owner, you can find a lot of Mid-Tier gear available on Amazon today.

Here is a list of some of the main Mid-Tier vendors to help you get your bearings (a lot of these overlap into the Enterprise arena as well)

Dell, IBM, Lenovo, Apple, HP, Cisco, TrendNet, APC, Cyberpower, Nutanix, NexSan, Tegile, VMware, Microsoft, Intel

**There are hundreds, if not thousands of mid-tier software choices, so I can’t even begin to list those.  This is why a good IT partner is essential ( if they are really good, they may introduce you to great refurb equipment with a three year warranty…and boost your budget!).

Enterprise Technology – (It’s not just for your Starship anymore)

As most businesses grow, they will find that there are aspects of their business that are more important than others.  These unique components will fall into the Enterprise class of hardware and software. Enterprise technology is designed to be state-of-the-art, have exceptional quality, and provide real support for the ultimate uptime solutions.  Businesses invest (yes, it is an investment) in Enterprise-class equipment and software for the most important processes in their organization. If you need uptime, features, or exceptional support, you should always buy Enterprise-class equipment and software.

Going Wrong with the Enterprise

Several of our small and medium business clients have gotten burned (before coming to us) in their IT purchases by going Enterprise too early.  They spend a lot of money on technology they don’t truly need.  Just like going too small, going too big can be costly and hard on the company as it grows.  The cost to maintain the systems can choke the growth of any business. A lot of Vendor Partners steer their customers to Enterprise class gear for the support even if the client is too small to need it.  Don’t get burned, get educated!

Going BIG!

If your business is 250+ employees, there should be a significant portion of your non-cloud infrastructure already at the Enterprise level.  Note the word ‘significant’.   Other than hospitals or banking, there are few industries that need every piece of equipment in their organization to be Enterprise-ready.  The cost savings of just keeping the non-essential portions of your IT infrastructure Mid-Tier can be substantial.

Why is it an Investment?!?!

If you aren’t investing in Enterprise infrastructure, you are investing in “people time” instead.  Where the technology falls short, you spend more money on time.  To put it simply:

      BAD TECHNOLOGY = LOST TIME = LOST CUSTOMERS = LOST PROFITS!

A good technology investment should save you time and money. 

A bad technology investment always costs more of both.

The price of keeping our systems and data secure (as well as our sanity) is unending vigilance!

The price of keeping our systems and data secure (as well as our sanity) is unending vigilance!

It is a given that the typical IT Shop in the small to medium business environment is busy to the max, as you work to keep things going, answer requests and jump on emergencies… much less scour the net looking to keep up with the ever changing security threat landscape.

Our Senior Security Engineer spent two tours with three letter agencies in D.C. doing for them what he now does for ECXSystems’ clients … provide timely warning of emerging threats, assisting in clean up and restoration.  One of the ways he stays current is to leverage his time thru using solid blog and newsletter sources that he trusts.

You would do well to follow up on this article in Knowbe4.com… and if you don’t have time, then be sure to contact us at http://ecxsystems.com/contactsale.html  Fill out the form and we will follow up and help you fix your phishing issue.

The Nightmare of Exploits Past. How Phishing Attacks Use Old Vulnerabilities!

A Must Read…

https://blog.knowbe4.com/your-win9x-nightmares-arent-finished-yet-how-phishing-attacks-use-old-vulnerabilities

Is Hyperconvergence in your future? – Part 2

….BUT, I like VMWare!

Of course you do!  As do I!  We all like to dance with who brung ya! (and swing with who swung ya)

Hyperconvergence as a product means to make Hyper-V and VMWare obsolete (if we let it).   The product offerings pushing Hyperconvergence will let you continue to use Hyper-V and VMWare if you like, but they make jumping ship very attractive.

For example, the Nutanix node-based compute solution is a 4 U box with compute and Disks included:

Nutanix includes their own Hyperviser called Acropolis – based on the Linux KVM solution.  Since the reason that Hyperconvergence is so attractive is the turn-key features that dominate the landscape.  Think autoprovisioning of compute, storage, and networking (called Prism).  We no longer have to think about these things as separate disparate technologies.

Need to expand, just add more nodes!

You can keep your VMWare or Hyper-V architecture…or just move them to Acropolis.  Thing is…you get to decide.  However, since Acropolis is included you might just ask yourself why you are continuing to pay for a Hypervisor.  After all, shouldn’t the next generation of technology be cheaper and better than the last?

See how Nutanix is pushing the reasons to switch HERE.

So what does this really mean for my environment?

For the average business, most of us won’t jump straight into hyperconverged platforms.  However, as our old environments age out or we have a need for expansion, this becomes the next logical choice.  Why buy 80TB of storage when you can get a full platform for just a little more?

Ultimately it provides the baseline for the migration to the next generation technology platform.

So, when faced with an aging system or you just need to look to the future….Think Hyperconvergence!  –  It’s here, fast, and ready to make you look good!

 

Is Hyperconvergence in your future? – Part 1

Hyperconvergence is not the name for a new German punk rock band or even the latest new Pharmaceutical being hawked on TV by the ever lengthy 90-second commercial.  So, how is hyperconvergence the next big thing and why should you care?

Up until a couple of years ago, most of us were being told that virtualization was the way of the future.  Well the future is here.  If at least 90% of your environment isn’t virtualized, you should call us immediately.  You are wasting money, time, and energy.

So if virtualization was the future, how is the next future thing Hyperconvergence?

Hyperconvergence is virtualization done better.  A hyperconverged platform provides the ultimate in software management and integration.  Imagine all of the pieces of your network managed simpler and better.  One single pane of glass for all of your infrastructure.

Now, imagine Enterprise class virtualization features without the VMWare tax, or if you want, you can continue to use VMWare.

In essence, hyperconvergence allows us to deploy an infinitely expandable environment without the hard separation between networking, compute, and storage.

What does this look like?

Most of us need to understand what the physical representation of this actually looks like.  For most of us, this will be a hardware chassis with drives and hardware blades in it.  The drives will act as converged storage while the blades offer the processing power.  The magic is in the software.

Hyperconvergence is currently being offered by both Nutanix and Scale computing.  Both are interesting and both look to completely displace VMWare.  The jury is out, but the future is here.

–Keith

Read More … – Part 2

Tomcat 5 / 6/ 7 /8 – Create and Install SSL Certificate

Hi Guys,

Due to all of the positive feedback on the original article, I decided to do a brief update to nail down and simplify the process.

General Steps

  1. Create a Key and Certificate Request
  2. Issue the Certificate from your favorite Registrar
  3. Merge the Certificate into a Tomcat File

Create a Key and Certificate Request

On your favorite Linux or Windows box, make sure you have OpenSSL.

I am making a directory called /home/keystore.  Seems fitting.

So:

mkdir /home/keystore

Run the following:

First we need a Private Key.  This is yours and yours alone.

openssl genrsa -out /home/keystore/private.key 2048

So, the private key is critical.  It’s your unique identifier for this SSL cert.

Next, we need to generate the request to send to GoDaddy, InstantSSL, etc

(If you like this article, you can get an SSL through our GoDaddy Account –  I think we make $1)

Now, the command:

openssl req -new -sha256 -key /home/keystore/private.key -out /home/keystore/mydomain.csr

You are going to be prompted for all of the details as follows. For Wildcard, use *.mydomain.com. For other hosts, just use the hostname. ie mydomain.com (you will get www automatically)


-----
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:Texas
Locality Name (eg, city) [Default City]:Tyler
Organization Name (eg, company) [Default Company Ltd]:My Domain Inc
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:*.mydomain.com
Email Address []:support@mydomain.com

Press Enter on the Extra fields, no password needed.

Ok, once finished, take your CSR and submit to your provider. Once you submit, you wait and then you will get your certificate. You may have to check email to approve it.

Now the Easy Part!

Merge the Certificate into a Tomcat File

If you are a GoDaddy Customer, you will get two files. Other providers might send you on a wild goose chase for the Bundle file.

6e00664a60ac4578.crt  - This is the Actual Certificate
gd_bundle-g2-g1.crt   - This is your Bundle file with all the certificate chain data from GoDaddy

For simplicity and understanding, let’s rename the file:

mv 6e00664a60ac4578.crt mydomain.crt

Now, let’s make the Tomcat keystore container

openssl pkcs12 -export -chain -CAfile gd_bundle-g2-g1.crt -in mydomain.crt -inkey private.key -out keystore.tomcat -name tomcat -passout pass:changeit

Ok, you have everything you need. Now, setup Tomcat.
Installing the Certificate in Tomcat

Let’s copy the file to our tomcat installation configuration directory.  My tomcat was in /usr/local/tomcat5

cp keystore.tomcat /usr/local/tomcat5/conf

Now, we need to enable SSL.  So, we need to edit the server-wide server.xml file.  Find the section like this:

<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<!--
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->

Replace it.  Mine looks like this:


<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector port="443"
maxHttpHeaderSize="8192" maxThreads="250" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true" SSLEnabled="true"
clientAuth="false" sslProtocol="TLS" keyAlias="tomcat"
keystoreFile="/usr/local/tomcat5/conf/keystore.tomcat"
keystorePass="changeit"
keystoreType="PKCS12" />

Lastly, find any other references to port 8443 in the server.xml file and replace them with just 443.

Now, restart Tomcat and enjoy your newly functioning wildcard certificate.

I hope this bridges the gaps on some of the other articles out there.

Please comment if it helps you.

Good Luck!

DBML and ConnectionString Pitfall

This one bit me good, and cost quite a bit of time before I figured it out.  Therefore, I thought it best to document my findings in case it comes up again.

The Issue

As with many bugs, the behavior didn’t show up until the application was deployed – it worked fine in the development environment.  My app uses Linq-to-SQL, and includes an IDE-generated DBML file to interface with my database.  The app was connecting to my local database just fine.  However, when the app was deployed, and all the changes to the connection string in the web.config file were updated, the connection to the database failed with the error “A network-related or instance-specific error occurred while establishing a connection to SQL Server”.  What??

The Solution

After digging and googling, I discovered something about the IDE behavior when it comes to Linq-to-SQL and DBML generation.  When the DBML file is first created, the IDE inserts an entry in the Settings.settings file, which contains the full connection string details.  Since this connection string matches the settings in my web.config and the app.config for my local projects, everything works fine.  The problem is masked by the fact that both the settings file entry and the config file entries are the same.  So, to fix this requires first changing the settings on the DBML file to not use the connection string in the Settings.settings file.

After that, the constructor for the repository needs to be updated to use the configuration manager to pull in the connection string from the config file, like this:

Once this is done, the app will pull in the connection string from the config file, and no more error!

Original post from http://www.sunergeosystems.com/2011/03/23/dbml-and-connectionstring-pitfall/