June 25th, 2008 Scott
I use VMware 6 on my Linux-based laptop to run a Windows development environment. Quite often I receive pre-made Virtual PC images from clients containing a copy of their specific environment. Unfortunately, VMware for Linux can not run Virtual PC images directly. (Supposedly VMware for Windows can.) So I am stuck with the task of converting the VPC images to VMware images. Luckily, VMware has a free conversion tool available to do just that. Unluckily, it only runs under Windows.
I started by installing VMware Converter on one of my existing Windows images. Next start the convertor and run the conversion wizard. Setup the wizard to convert a standalone machine and browse to the directory that contains the VPC definition. Finish working through the steps in the wizard, and make sure to check the box to install the VMware tools. Failure to do so will cause the converted VPC image to crash hard when you boot it up. After the wizard finishes converting the image, boot up the newly converted virtual machine from the VMware console and allow Windows to install and configure the new “hardware” and drivers. Reboot the virtual machine once the hardware configuration is finished. The final step is to remove the mouse filter that the VPC tools installs. Open RegEdit and navigate to to HKLM\SYSTEM\CurrentControlSet\Control\Class\{4036E96F-E325-11CE-BFC1-08002BE10318}\UpperFilters and remove the msvmmouf entry from the UpperFilters key. (You can skip this step if you uninstall the Virtual PC tools prior to starting the conversion.) Reboot one final time and the virtual machine is ready to go.
I hope this is helpful to anybody else out there who has struggled with getting a Virtual PC image running under VMware for Linux. Feel free to leave any questions or observations in the comments section.
Posted in Uncategorized | Comments Off
June 18th, 2008 Scott
I did not plan to leave this series hanging like that. Time to get back to the action.
This time around we will take a look at installing certificates that we created in Part 1. We will start by opening the Microsoft Management Console. Make sure that you are logged in using the account that the BizTalk services runs under. Click on Start | Run and type in mmc.exe when it prompts for a program to run. Once in the MMC, click on File | Add/Remove Snap-in. We now need to add the Certificate management snap-in twice, once for the current user and once for the local computer. When completed, it should look something like this:
Import the .pfx key into the personal certifcate store of the current user. Right-click on Personal folder and choose Import. If you have any public certificates from your trading partners, import them into the Other People folder under the local computer certificate store. In the future as you add additional trading partners you will need to add their public certificates to this store. The .cer file is given to each of your trading partners so they can decrypt and verify the messages that you send to them.
This part was pretty short, but it completes the prerequisite tasks needed to setup BizTalk. In part three we will start configuring BizTalk itself by creating the AS2 receive endpoint. I will try not to take as long this time between posts.
Posted in BizTalk, EDI, Technology | 2 Comments »
June 9th, 2008 Scott
This is a just a quick BAM portal configuration tip. If you receive an HTTP 401 Unauthorized error when connecting to the portal and you are hosting the BAM portal using IIS6, you may need to configure a service principal name (SPN) for the server hosting the portal website. This condition occurs if you set up the BAM portal to use Windows security as the only authentication method. Instructions for setting up an SPN can be found in the Microsoft knowledge base.
Hat tip to Andy Morrison’s BizTalk blog for the heads up on this issue.
Posted in BizTalk, Technology, Web | Comments Off
June 6th, 2008 Scott
Last weekend I broke down and repaved my work laptop. I used the opportunity to upgrade the primary operating system from Fedora 8 to Fedora 9. My laptop is a Lenovo T61 with the Intel X3100 mobile graphics processor and an Intel 4965AGN wireless adapter.
Since the T61 includes a 64-bit Core 2 Duo processor, I installed the x86_64 version of Fedora 9. The installation went very smoothly. Almost all of the hardware in my laptop was detected by the installation tools and the appropriate drivers and modules were installed and correctly configured. In fact, the only hardware piece that was not configured was the fingerprint reader. I should also note that I have not fully tested all the power management functionality yet, so I do not know if the suspend and/or hibernation features work correctly. (They did not under Fedora 8.)
Overall, I am very happy with this release. I have noticed faster boot times, much improved yum performace and better NetworkManager support. I only have three two remaining issues that I need to resolve.
I can not get the Linux Flash plugin to work. Update: I found this wonderful installation guide on HackTux that tells you how to get the Flash plugin working correctly under 64-bit Fedora 9.- I am a heavy user of VMware Workstation, and currently when I switch one of my virtual machines to fullscreen mode, it remaps the Shift, Ctrl, and CapsLock keys on my keyboard. My current workaround is to connect to my virtual machines using rdesktop then running rdesktop in fullscreen mode. Most people are blaming this on a change that occurred with the latest version of X.org. I really hope VMware releases a fix for this soon. In the event that I forget and accidently run a virtual machine in fullscreen mode, I run setxbmap to reset my keyboard mappings.
- Finally, my final problem is not really a Fedora issue per se, but it came up as part of my upgrade so I am mentioning it hear. Since version 2.2 I have been a user of KDE. Earlier this year the KDE project released version four of the desktop, and Fedora 9 was my first chance to try it out. Unfortunately, KDE 4.0 is not really ready for prime time just yet. In its current state it is virtually unusable for my daily work. The KDE team is currently working on fixing these issues and I am anxiously awaiting the release of KDE 4.1. KDE 4.1 is currently scheduled for release in late July, and look forward to trying out once it is available. While I view KDE 4.0 as a major step backwards from KDE 3.5 in its current state, I also understand the reasoning behind its inclusion in Fedora 9. In the interim, I have switched over to Xfce desktop and so far it has been serving me well.
The best part is that neither of these problems is show-stopper. They are more nuisance than menace and I have functional workarounds in place until the issues get fixed. I whole-heartedly recommend Fedora 9 as a developer-friendly cutting-edge Linux distribution.
Posted in KDE, Linux, Technology | 1 Comment »
June 4th, 2008 Scott
Before we can get started with setting up BizTalk for AS2 communication, we need to generate our security certificates. Certificates in AS2 are used to encrypt the EDI data being transmitted over the internet, and to sign the AS2 message to prevent tampering. There are two primary ways to self-generate your own certificates. The first is to install Microsoft Certificate Services and setup a local certificate authority. MCS is available on the Windows 2003 or Windows 2008 installation media. Setting up and using MCS requires a fair amount of work, and I am not going to cover it in this series. Instead we will be using the open source OpenSSL cryptography tools to generate our certificates.
I used the OpenSSL tools that shipped with Fedora 8 to generate these certifcates. OpenSSL is also included as part of the Cygwin tools for Windows. Generating certificates can be done with three simple commands:
First we need to create our public/private key pair.
openssl req -x509 -nodes -days 1825 -newkey rsa:1024 -keyout host.pem -out host.pem
Next we need to extract the private key in PKCS#12 format.
openssl pkcs12 -export -out host.pfx -in host.pem -name “My Certificate”
Finally we need to extract the public key in DER format.
openssl x509 -outform der -in ./host.pem >> host.cer
(Try openssl x509 -outform der -in ./host.pem -out host.cer if you are running these commands from a Windows shell)
After executing these commands you should have three files. The host.pem file contains both the public and private key parts. This file can be used to regenerate the keys if needed, and should be backed up in a secure location. The host.pfx file contains the private key in a format that is suitable for importing into the Windows certificate store. The host.cer file contains the public key in a format that most AS2 software packages understand. The public key will be given to your trading partners, so you will want to keep it in a location where it can be easily accessed. It is also worth noting that this certificate will be valid for five years after the creation date. If you need to increase or decrease the time limit, simply adjust the number after the -days option in the first OpenSSL command.
There is also the option of purchasing a certificate from a commercial CA such as Verisign or thawte. As this can be expensive, I do not recommend purchasing a certificate unless you have one or more trading partners that require it.
Next time we will take a look at importing the certificates into the Windows certificate store.
Update: Added a second version of the third OpenSSL command to properly output the public key when using Windows.
Posted in BizTalk, EDI, Technology | 4 Comments »
