SQL script generates random data and insert into MySQL database

Guestbook 
1
DROP PROCEDURE InsertRandomRecords;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
DELIMITER $$
CREATE PROCEDURE InsertRandomRecords(IN NumRows INT)
    BEGIN
        DECLARE i INT;
        SET i = 1;
        START TRANSACTION;
        WHILE i <= NumRows DO
            INSERT INTO draftorders.draft_order (c_number, source_time_in_ms, source_item_id, shipment, shipment_id, quantity, source_system, status)
            VALUES ('C01234567890', RAND()*1000000000, CONCAT('randomSourceRef-', UUID_SHORT()),
                    '{"to": {"name": "T T", "lines": ["Lvl 100", "123 smith st"], "phone": "0356567567", "state": "VIC", "suburb": "Greensborough", "postcode": "3088", "business_name": "In debt"}, "from": {"name": "Carl Block", "lines": ["1341 Dandenong Road"], "state": "VIC", "suburb": "Geelong", "postcode": "3220"}, "items": [{"width": "10", "height": "10", "length": "10", "weight": "10", "product_id": "3D85", "item_reference": "blocked", "authority_to_leave": true, "allow_partial_delivery": true, "contains_dangerous_goods": true}], "shipment_reference": "My second shipment ref", "customer_reference_1": "cr1234", "customer_reference_2": "cr5678"}',
                    UUID(), 1, 'EBAY', ELT(1 + FLOOR(RAND()*3), 'DRAFT', 'READY_TO_SHIP', 'SHIPPED'));
            SET i = i + 1;
        END WHILE;
        COMMIT;
    END$$
DELIMITER ;

To generate 1,000,000 draft orders:

1
CALL InsertRandomRecords(1000000);

Set up and run AWS Lambda 'hello' function with serverless

Guestbook

serverless

With latest Node.js 6.x.x installed, then install serverless globally:

1
$ npm install serverless -g

AWS Lambda

Create a AWS Lambda skeleton project with serverless:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
$ mkdir serverless-example && cd $_

$ sls create -t aws-nodejs
Serverless: Generating boilerplate...
 _______                             __
|   _   .-----.----.--.--.-----.----|  .-----.-----.-----.
|   |___|  -__|   _|  |  |  -__|   _|  |  -__|__ --|__ --|
|____   |_____|__|  \___/|_____|__| |__|_____|_____|_____|
|   |   |             The Serverless Application Framework
|       |                           serverless.com, v1.7.0
 -------'

Serverless: Successfully generated boilerplate for template: "aws-nodejs"
Serverless: NOTE: Please update the "service" property in serverless.yml with your service name
  • Policies set up for Lambda function

For AWS user “ec2-user”, now need to have some policies with permissions to let “serverless” create role, Lambda function and deployment it …

Polices set up for Lambda function

  • Roles for Lambda function

Lambda function role created after Lambda function added and deployed into AWS.

Roles for Lambda function

Deployment

Make sure AWS environment has been set up, including access key, user, group, policies …

Pack and deploy Lambda example into AWS:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
$ sls deploy -r ap-southeast-2 -s dev
Serverless: Packaging service...
Serverless: Uploading CloudFormation file to S3...
Serverless: Uploading service .zip file to S3 (583 B)...
Serverless: Updating Stack...
Serverless: Checking Stack update progress...
..................
Serverless: Stack update finished...
Service Informations
service: serverless-example
stage: dev
region: ap-southeast-2
api keys:
  None
endpoints:
  None
functions:
  serverless-example-dev-hello
  • Lambda “hello” function

A “hello” Lambda function has been created in Lambda after it’s deployed into AWS by “serverless”.

Lambda "hello" function

  • Events generated during Lambda function deployment

Deployment events generated during Lambda “hello” function deployed into AWS.

Events generated during Lambda function deployment

  • Add Lambda Trigger on AWS API Gateway

Manually create a Lambda Trigger. This time we use AWS API Gateway to trigger / invoke Lambda “hello” function.

Lambda Trigger created on AWS API Gateway

  • Exposed Lambda API Gateway

After Lambda Trigger created, an exposed RESTful interface for Lambda “hello” function.

Lambda API Gateway

Say “hello”

Set up AWS API Gateway trigger for Lambda “hello” function. Go to url, e.g.:

Function “hello” log:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
{
  "message": "Go Serverless v1.0! Your function executed successfully!",
  "input": {
    "resource": "/serverless-example-dev-hello",
    "path": "/serverless-example-dev-hello",
    "httpMethod": "GET",
    "headers": {
      "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
      "Accept-Encoding": "gzip, deflate, sdch, br",
      "Accept-Language": "en-AU,en-GB;q=0.8,en-US;q=0.6,en;q=0.4",
      "CloudFront-Forwarded-Proto": "https",
      "CloudFront-Is-Desktop-Viewer": "true",
      "CloudFront-Is-Mobile-Viewer": "false",
      "CloudFront-Is-SmartTV-Viewer": "false",
      "CloudFront-Is-Tablet-Viewer": "false",
      "CloudFront-Viewer-Country": "AU",
      "Host": "b5dyhej16l.execute-api.ap-southeast-2.amazonaws.com",
      "Referer": "https://ap-southeast-2.console.aws.amazon.com/lambda/home?region=ap-southeast-2",
      "upgrade-insecure-requests": "1",
      "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36",
      "Via": "2.0 6884828476070d32978b45d03c1cc437.cloudfront.net (CloudFront)",
      "X-Amz-Cf-Id": "mvToMffe1AsUJNcMJKUh-Rx26oBJsRBe2n9I1df3xqIAIENPR_ku3A==",
      "X-Amzn-Trace-Id": "Root=1-58aae2ff-0b0c5e4059cc97576211ba4a",
      "X-Forwarded-For": "101.181.175.227, 54.239.202.65",
      "X-Forwarded-Port": "443",
      "X-Forwarded-Proto": "https"
    },
    "queryStringParameters": null,
    "pathParameters": null,
    "stageVariables": null,
    "requestContext": {
      "accountId": "624388274630",
      "resourceId": "5jbqsp",
      "stage": "prod",
      "requestId": "51ba2876-f769-11e6-b507-4b10c8a6886a",
      "identity": {
        "cognitoIdentityPoolId": null,
        "accountId": null,
        "cognitoIdentityId": null,
        "caller": null,
        "apiKey": null,
        "sourceIp": "101.181.175.227",
        "accessKey": null,
        "cognitoAuthenticationType": null,
        "cognitoAuthenticationProvider": null,
        "userArn": null,
        "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36",
        "user": null
      },
      "resourcePath": "/serverless-example-dev-hello",
      "httpMethod": "GET",
      "apiId": "b5dyhej16l"
    },
    "body": null,
    "isBase64Encoded": false
  }
}

References

Factorial function implementation in Java 8

Guestbook

Implementation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
package org.paradise.function;

import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;

/**
 * Created by terrence on 12/12/2016.
 */
public final class FactorialFunction {

    public static final Map<Integer, Long> FACTORIAL_MAP = new HashMap<>();

    public static final Function<Integer, Long> FACTORIAL = (x) ->
            FACTORIAL_MAP.computeIfAbsent(x,
                    n -> n * FactorialFunction.FACTORIAL.apply(n - 1));

    static {
        FACTORIAL_MAP.put(1, 1L); // FACTORIAL(1)
    }

    private FactorialFunction() {

    }

}

Unit test

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
package org.paradise.function;

import org.junit.Test;

import static org.junit.Assert.assertEquals;

/**
 * Created by terrence on 12/12/2016.
 */
public class FactorialFunctionTest {

    @Test
    public void testFactorialFunction() throws Exception {

        assertEquals("Incorrect result", Long.valueOf(1), FactorialFunction.FACTORIAL.apply(1));
        assertEquals("Incorrect result", Long.valueOf(2), FactorialFunction.FACTORIAL.apply(2));

        assertEquals("Incorrect result", Long.valueOf(3628800), FactorialFunction.FACTORIAL.apply(10));
    }

}

Fibonacci function implementation in Java 8

Guestbook

Implementation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
package org.paradise.function;

import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;

/**
 * Created by terrence on 12/12/2016.
 */
public final class FibonacciFunction {

    public static final Map<Integer, Long> FIBONACCI_MAP = new HashMap<>();

    public static final Function<Integer, Long> FIBONACCI = (x) ->
            FIBONACCI_MAP.computeIfAbsent(x,
                    n -> FibonacciFunction.FIBONACCI.apply(n - 2) + FibonacciFunction.FIBONACCI.apply(n - 1));

    static {
        FIBONACCI_MAP.put(0, 0L); // FIBONACCI(0)
        FIBONACCI_MAP.put(1, 1L); // FIBONACCI(1)
    }

    private FibonacciFunction() {

    }

}

Unit test

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
package org.paradise.function;

import org.junit.Test;

import static org.junit.Assert.assertEquals;

/**
 * Created by terrence on 12/12/2016.
 */
public class FibonacciFunctionTest {

    @Test
    public void testFibonacciFunction() throws Exception {

        assertEquals("Incorrect result", Long.valueOf(0), FibonacciFunction.FIBONACCI.apply(0));
        assertEquals("Incorrect result", Long.valueOf(1), FibonacciFunction.FIBONACCI.apply(1));
        assertEquals("Incorrect result", Long.valueOf(1), FibonacciFunction.FIBONACCI.apply(2));
        assertEquals("Incorrect result", Long.valueOf(2), FibonacciFunction.FIBONACCI.apply(3));
        assertEquals("Incorrect result", Long.valueOf(3), FibonacciFunction.FIBONACCI.apply(4));
        assertEquals("Incorrect result", Long.valueOf(5), FibonacciFunction.FIBONACCI.apply(5));
        assertEquals("Incorrect result", Long.valueOf(8), FibonacciFunction.FIBONACCI.apply(6));

        assertEquals("Incorrect result", Long.valueOf(13), FibonacciFunction.FIBONACCI.apply(7));
        assertEquals("Incorrect result", Long.valueOf(21), FibonacciFunction.FIBONACCI.apply(8));
        assertEquals("Incorrect result", Long.valueOf(34), FibonacciFunction.FIBONACCI.apply(9));
        assertEquals("Incorrect result", Long.valueOf(55), FibonacciFunction.FIBONACCI.apply(10));

        assertEquals("Incorrect result", Long.valueOf(12586269025L), FibonacciFunction.FIBONACCI.apply(50));
    }

}

Remote debugging Java applications run on Tomcat

Guestbook

Enable JVM option to attach a remote debugger:

1
$ export JAVA_OPTS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=5005

“suspend” set to “y” is to let remote debugger start loading the application.

Now, start running Tomcat. JVM debugging port is bound on port 5005i on the machine runs on Tomcat.

Next, set up SSH tunnel mirror remotei host (ip-10-213-79-77.ap-southeast-2.compute.internal) 5005 port to localhost on port 5005. For example:

1
$ ssh -L 5005:ip-10-213-79-77.ap-southeast-2.compute.internal:5005 -l ec2-user ip-10-213-79-77.ap-southeast-2.compute.internal

You can start remote debugging in IDE like IntelliJ and debug the code since.

Web Components are coming

Guestbook

AngularJS is going to continue to succeed for some time. But change is inevitable.

Web Components are coming.

WebComponents create the ability to do all the sorts of markup-driven programming like AngularJS, ReactJS, but less ecosystem dependent. Because DOM is integration point for all the kinds of JavaScript frameworks. Web Components make it MUCH easier to interoperate between components.

The future isn’t here yet, but it will change fundamental assumptions about how a JavaScript framework should act and what it should be responsible for. Those shifts in assumptions frequently cause frameworks will drop out of the ecosystem quickly than expected.

Web Components

URL: https://www.webcomponents.org/

Perfection

Guestbook

Il semble que la perfection soit atteinte non quand il n’y a plus rien à ajouter, mais quand il n’y a plus rien à retrancher.

1
- Antoine de saint Exupery

It seems that perfection is attained not when there is nothing more to add, but when there is nothing more to remove.

Setup Docker Private Registry in Nexus Repository OSS 3.x.x

Guestbook

Make sure Nexus Repository has been setup with Self Signed certificate, certificate for host/server e.g. “silencer.bigpond”.

The following instructions have been successfully tested in Nexus version 3.2.0-01.

Create Docker Hub repository in Nexus

Docker Hub repository

Create Docker Internal repository in Nexus

Docker Internal repository

Create Docker Group repository in Nexus

Docker Group repository

Run Docker with Docker Native

Add Docker Private Registry in Insecure Registries

Docker Native Insecure registries

Now this approach supports docker pull and docker push.

Work around with “x509: certificate signed by unknown authority“ error by adding “–disable-content-trust” option on docker push command line if Docker doesn’t accept Self-Signed certificate.

Add Docker Private Registry server’s certificate into Docker Virtual Machine CA list

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
𝜆 keytool -printcert -rfc -sslserver silencer.bigpond:8444 > silencer.bigpond.pem
-----BEGIN CERTIFICATE-----
MIIDkDCCAnigAwIBAgIEAqo9kTANBgkqhkiG9w0BAQsFADBgMQswCQYDVQQGEwJBVTEUMBIGA1UE
CBMLVW5zcGVjaWZpZWQxFDASBgNVBAcTC1Vuc3BlY2lmaWVkMREwDwYDVQQKEwhTb25hdHlwZTES
MBAGA1UEAwwJKi5iaWdwb25kMB4XDTE2MDYxMjExMzY1M1oXDTMwMDIxOTExMzY1M1owYDELMAkG
A1UEBhMCQVUxFDASBgNVBAgTC1Vuc3BlY2lmaWVkMRQwEgYDVQQHEwtVbnNwZWNpZmllZDERMA8G
A1UEChMIU29uYXR5cGUxEjAQBgNVBAMMCSouYmlncG9uZDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJNO5mDpBDQQ8n4t0P2z8ChWzIFQ3Pf+5U8x6P17O3WtKTfsbuRYobHYmas5tVdV
dnLIqpb4JV9DWIoS+CNG6cRLy3GIWWT7CbjsrpDlOTArslvk3KuzQ0dsZNflRfdd+ughI2LczehE
fhzPJzA+ZU8Am1CadM+VUa+T6MilFQMXpWfjND6BNnV+qr/MX1QQfSjiWt7oWBex0BB0VPv9ooBZ
UqO+8jk5fUY8wEIa/kqLUqIKGxIUx9BMQBwBJwDKZmK93DXSPvAFYbKQjj6/nbV9R1VWmR7fhkLG
+Ixlx5ld2dxv4+xvXmS8s4NanBtKZWUfEYVPp7gUF9HZoW9A1jcCAwEAAaNSMFAwDAYDVR0TBAUw
AwEB/zAhBgNVHREEGjAYghBzaWxlbmNlci5iaWdwb25khwQKAAAJMB0GA1UdDgQWBBQV3WTuC+GI
8lHtH0uL+kYqTG+vczANBgkqhkiG9w0BAQsFAAOCAQEAUwL+qnKVT0ENZEZnDjB+cjPfvkeWOD05
PrGUOn4YB4vllq2S6Cgfm0OaZ+vMt3KMXPf9pIgZ797jdPhOP/s5IVJItldky+u/Hk9gNtUwEjpg
l0MjhSm/PqxR5XoJdkYlvUdtq+PTrU5RU3v3GImeOmlI4mM5PaZ6OT8HC5VMX5s9RawBr/5EbJHR
M7EN8r3g4Y/2109YoHoiWAhnN6TC3RhmCoQqGOiPsS732KHUz3KqXVbq9VTRdA3dXqFj1cUSet1T
XTPisaiehffvbqYm2vrJ5WYgqCwb8TadDg66TToj080qvA8cXAF7qlA8pOImrbVOs7tdANSAs+AO
cqCkiA==
-----END CERTIFICATE-----
1
𝜆 screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty

Inside Docker Virtual Machine, follow these steps:

1
2
3
$ sudo cat silencer.bigpond.pem >> /etc/ssl/certs/ca-certificates.crt
$ sudo /etc/init.d/docker restart
$ tail -f /var/lib/boot2docker/docker.log

With Docker Toolbox

Add Docker Private Registry server’s certificate into Docker Virtual Machine CA list

1
2
𝜆 keytool -printcert -rfc -sslserver silencer.bigpond:8444 > silencer.bigpond.pem
𝜆 docker-machine ssh default

Inside Docker Virtual Machine, follow these steps:

1
2
3
$ sudo cat silencer.bigpond.pem >> /etc/ssl/certs/ca-certificates.crt
$ sudo /etc/init.d/docker restart
$ tail -f /var/lib/boot2docker/docker.log

Press Ctrl + D and Ctrl + D to exist SCREEN program. Type “screen -r” to re-entry SCREEN program.

Additional Certificates

Download 3rd party Repository server’s certificate. Use tool like KeyStore Explorer to add 3rd party server certificates into existing keystore.jks. Due to a certificate chain that does not exist within the existing Java truststore, Java does not trust the certificate and fails to connect to the application.

Test

1
2
3
4
𝜆 docker login silencer.bigpond:18443
Username: admin
Password: admin123
Login Succeeded
1
2
𝜆 docker search silencer.bigpond:18443/tomcat
𝜆 docker pull silencer.bigpond:18443/jtech/tomcat:latest
1
2
3
4
𝜆 docker login silencer.bigpond:18444
Username: admin
Password: admin123
Login Succeeded
1
2
3
𝜆 docker build -t jtech/camel-spring:latest .
𝜆 docker tag jtech/camel-spring silencer.bigpond:18444/jtech/camel-spring:latest
𝜆 docker push silencer.bigpond:18444/jtech/camel-spring:latest
1
𝜆 docker push --disable-content-trust silencer.bigpond:18444/jtech/camel-spring:latest

Note

  • Due to Docker Virtual Machine is immutable, the CA certificate added change made inside VM is ephemeral, and lost after VM is restarted
  • Docker Private Registry ONLY supports HTTPS, NOT HTTP
  • Nexus repository MUST register and use server certificate for host e.g. “silencer.bigpond”, NOT “localhost.bigpond” to run Docker Private Registry
  • Try with “–disable-content-trust” if error like “Get https://silencer.gateway:18444/v1/_ping: x509: certificate signed by unknown authority”

Reference

Setup HTTPS access in Nexus Repository Manager OSS 3.x.x

Guestbook

Generate Self Signed certificate

On a Mac at home, with Bigpond internet access. Full host name is silencer.bigpond and IP Address is 10.0.0.9.

1
2
terrence@Silencer /Applications/nexus-3.0.0-03/etc/ssl
00:13:05 𝜆 keytool -genkeypair -keystore keystore.jks -storepass changeit -keypass changeit -alias jetty -keyalg RSA -keysize 2048 -validity 5000 -dname "CN=*.bigpond, O=Sonatype, L=Unspecified, ST=Unspecified, C=AU" -ext "SAN=DNS:silencer.bigpond,IP:10.0.0.9" -ext "BC=ca:true"

OR run “nslookup 127.0.0.1” return full domain hostname e.g. “localhost.bigpond”.

1
2
terrence@Silencer /Applications/nexus-3.0.0-03/etc/ssl
00:13:05 𝜆 keytool -genkeypair -keystore keystore.jks -storepass changeit -keypass changeit -alias jetty -keyalg RSA -keysize 2048 -validity 5000 -dname "CN=*.bigpond, O=Sonatype, L=Unspecified, ST=Unspecified, C=AU" -ext "SAN=DNS:localhost.bigpond,IP:127.0.0.1" -ext "BC=ca:true"

Now, with latest Nexus (version 3.2.0-01) you can use self-signed server certificate without specifying IP address.

1
2
terrence@Silencer /usr/local/nexus-3.2.0-01/etc/ssl
00:13:05 𝜆 keytool -genkeypair -keystore keystore.jks -storepass changeit -keypass changeit -alias jetty -keyalg RSA -keysize 2048 -validity 5000 -dname "CN=*.gateway, O=Sonatype, L=Unspecified, ST=Unspecified, C=AU" -ext "SAN=DNS:silencer.gateway" -ext "BC=ca:true"

Enable HTTPS access

Change jetty-https.xml file:

1
2
3
4
5
6
7
8
9
10
11
12
terrence@Silencer /Applications/nexus-3.0.0-03/etc
00:18:59 𝜆 diff jetty-https.xml jetty-https.xml.orig
25,26c25,26
<     <Set name="KeyStorePassword">changeit</Set>
<     <Set name="KeyManagerPassword">changeit</Set>
---
>     <Set name="KeyStorePassword">OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v</Set>
>     <Set name="KeyManagerPassword">OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v</Set>
28c28
<     <Set name="TrustStorePassword">changeit</Set>
---
>     <Set name="TrustStorePassword">OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v</Set>

Add SSL port and include jetty-https.xml in file:

1
2
3
4
5
6
7
8
terrence@Silencer /Applications/nexus-3.0.0-03/etc
00:19:06 𝜆 diff org.sonatype.nexus.cfg org.sonatype.nexus.cfg.orig
3d2
< application-port-ssl=8444
5c4
< nexus-args=${karaf.etc}/jetty.xml,${karaf.etc}/jetty-http.xml,${karaf.etc}/jetty-https.xml,${karaf.etc}/jetty-http-redirect-to-https.xml,${karaf.etc}/jetty-requestlog.xml
---
> nexus-args=${karaf.etc}/jetty.xml,${karaf.etc}/jetty-http.xml,${karaf.etc}/jetty-requestlog.xml

Retrieve server’s certificate

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
𝜆 keytool -printcert -rfc -sslserver silencer.bigpond:8444 > silencer.bigpond.pem
-----BEGIN CERTIFICATE-----
MIIDkDCCAnigAwIBAgIEAqo9kTANBgkqhkiG9w0BAQsFADBgMQswCQYDVQQGEwJBVTEUMBIGA1UE
CBMLVW5zcGVjaWZpZWQxFDASBgNVBAcTC1Vuc3BlY2lmaWVkMREwDwYDVQQKEwhTb25hdHlwZTES
MBAGA1UEAwwJKi5iaWdwb25kMB4XDTE2MDYxMjExMzY1M1oXDTMwMDIxOTExMzY1M1owYDELMAkG
A1UEBhMCQVUxFDASBgNVBAgTC1Vuc3BlY2lmaWVkMRQwEgYDVQQHEwtVbnNwZWNpZmllZDERMA8G
A1UEChMIU29uYXR5cGUxEjAQBgNVBAMMCSouYmlncG9uZDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJNO5mDpBDQQ8n4t0P2z8ChWzIFQ3Pf+5U8x6P17O3WtKTfsbuRYobHYmas5tVdV
dnLIqpb4JV9DWIoS+CNG6cRLy3GIWWT7CbjsrpDlOTArslvk3KuzQ0dsZNflRfdd+ughI2LczehE
fhzPJzA+ZU8Am1CadM+VUa+T6MilFQMXpWfjND6BNnV+qr/MX1QQfSjiWt7oWBex0BB0VPv9ooBZ
UqO+8jk5fUY8wEIa/kqLUqIKGxIUx9BMQBwBJwDKZmK93DXSPvAFYbKQjj6/nbV9R1VWmR7fhkLG
+Ixlx5ld2dxv4+xvXmS8s4NanBtKZWUfEYVPp7gUF9HZoW9A1jcCAwEAAaNSMFAwDAYDVR0TBAUw
AwEB/zAhBgNVHREEGjAYghBzaWxlbmNlci5iaWdwb25khwQKAAAJMB0GA1UdDgQWBBQV3WTuC+GI
8lHtH0uL+kYqTG+vczANBgkqhkiG9w0BAQsFAAOCAQEAUwL+qnKVT0ENZEZnDjB+cjPfvkeWOD05
PrGUOn4YB4vllq2S6Cgfm0OaZ+vMt3KMXPf9pIgZ797jdPhOP/s5IVJItldky+u/Hk9gNtUwEjpg
l0MjhSm/PqxR5XoJdkYlvUdtq+PTrU5RU3v3GImeOmlI4mM5PaZ6OT8HC5VMX5s9RawBr/5EbJHR
M7EN8r3g4Y/2109YoHoiWAhnN6TC3RhmCoQqGOiPsS732KHUz3KqXVbq9VTRdA3dXqFj1cUSet1T
XTPisaiehffvbqYm2vrJ5WYgqCwb8TadDg66TToj080qvA8cXAF7qlA8pOImrbVOs7tdANSAs+AO
cqCkiA==
-----END CERTIFICATE-----

To get another Source Code Repository server’s certificate

1
𝜆 keytool -printcert -rfc -sslserver bitbucket.cd.paradise.org:443 > bitbucket.cd.paradise.org.pem

Test

Restart Nexus and access: https://localhost:8444

Note

  • Use utility tool “KeyStore Explorer” add additional CA certificates into keystore.jks file, especially when Gradle / Maven output error like:
1
> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target