Install Oracle 18c(18.3) on CentOS 7.5 Silent Mode

Linux Version : CentOS 7.5
Oracle Version : 18c (18.3.0.0)

1. Download the Zip file from Oracle Website and create groups and oracle user(https://www.oracle.com/technetwork/database/enterprise-edition/downloads/oracle18c-linux-180000-5022980.html ) ##

groupadd oinstall
groupadd dba

useradd oracle -g oinstall -G dba
passwd oracle

Create .bash_profile , in my test server i use 3 different Oracle homes and versions, so the bash profile looks a bit extra funky 😉

# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi

# User specific environment and startup programs
export CATALINA_HOME=/home/oracle/apache-tomcat
PATH=/bin:/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:/bin/bash:$CATALINA_HOME/bin.
export PATH
EDITOR=vi
export EDITOR=vi

if [ -s “$MAIL” ] # This is at Shell startup. In normal
then echo “$MAILMSG” # operation, the Shell checks
fi # periodically.

echo ” ”
echo ” ”
echo ” ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~”
echo ” Database options”
echo ” ”
echo ” ”
echo ” 1) DATABASE 12cR2″
echo ” ”
echo ” 2) DATABASE 12cR1″
echo ” ”
echo ” 3) DATABASE 18.3″
echo ” ”
echo ” ”
echo ” ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~”
echo ” ”
echo ” ”
echo ” Enter Choice:\c”
read env
if [ $env -eq 1 ] ; then
export ORACLE_HOME=/u01/app/oracle/product/12.2.0/dbhome_1
export ORACLE_BASE=/u01/app/oracle
export ORACLE_SID=ora12c
PS1=’$PWD:12cR2–>’

else
if [ $env -eq 2 ] ; then
export ORACLE_HOME=/u01/app/oracle/product/12.1.0/dbhome_1
export ORACLE_BASE=/u01/app/oracle
export ORACLE_SID=moovorix
PS1=’$PWD:12cR1–>’
fi

if [ $env -eq 3 ] ; then
export ORACLE_HOME=/u01/app/oracle/product/18.3.0/dbhome_1
export ORACLE_BASE=/u01/app/oracle
export ORACLE_SID=ora18c
PS1=’$PWD:18c–>’
fi
fi
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/usr/lib:/lib
export LIBPATH=$ORACLE_HOME/lib32:$ORACLE_HOME/lib:/usr/lib:/lib
export PATH=$PATH:$ORACLE_HOME/bin:/u01/app/12.1.0.2/grid/bin:$ORACLE_HOME/OPatch
stty erase ^?
TMOUT=0;TIMEOUT=600;export readonly TMOUT TIMEOUT
set -o vi

echo ”
echo ”
clear
echo
echo “ORACLE_SID=$ORACLE_SID”
echo

alias tsmd=’cd /opt/tivoli/tsm/client/oracle/bin64/’
alias ob=’cd $ORACLE_BASE’
alias oh=’cd $ORACLE_HOME’
alias tns=’cd $ORACLE_HOME/network/admin’
alias ch=’cd $CATALINA_HOME’
alias envo=’env | grep ORACLE’
alias sqld=’rlwrap sqlplus “/as sysdba”‘
alias cpu=”cat /proc/cpuinfo | awk ‘/^processor/{print $3}’ | wc -l”
alias py=’/usr/bin/python3.6′
alias py2=’/usr/bin/python’
export PATH
umask 022

envo

2. Install all the pre-requisites, if your on Oracle Linux there is an RPM you can install : oracle-database-preinstall-18c

Else if you prefer do the pre-requisites manually (Which I do)

Check for missing packages

rpm -q –qf ‘%{NAME}-%{VERSION}-%{RELEASE}(%{ARCH})\n’ binutils \
compat-libcap1 \
compat-libstdc++-33 \
elfutils-libelf \
elfutils-libelf-devel \
gcc \
gcc-c++ \
glibc \
glibc-common \
glibc-devel \
glibc-headers \
ksh \
libaio \
libaio-devel \
libgcc \
libstdc++ \
libstdc++-devel \
make \
libXext \
libXtst \
libX11 \
libXau \
libxcb \
libXi \
sysstat \
unixODBC \
unixODBC-devel

Install missing packages with Yum
eg:
rpm -Uvh compat-libcap1

Update Kernel Parameters

Open sysctl.conf file and add the kernel parameters

vi /etc/sysctl.conf

fs.file-max = 6815744
kernel.sem = 250 32000 100 128
kernel.shmmni = 4096
kernel.shmall = 1073741824
kernel.shmmax = 4398046511104
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
fs.aio-max-nr = 1048576
net.ipv4.ip_local_port_range = 9000 65500

Add Limits for Oracle user

Open file limits.conf and add below parameters

vi /etc/security/limits.conf

–shell limits for users oracle 18c

oracle soft nofile 1024
oracle hard nofile 65536
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft stack 10240
oracle hard stack 32768

3. Silent Installation of 18c Software, the new installer is a zipped Oracle Home which you need to unzip to your Oracle Home directory and installation command just relinks all libraries. The installation is super quick due to this, afer this installation you are never going back to the normal runInstaller again

mkdir -p /u01/app/oracle/product/18.3.0/dbhome_1/

unzip -q LINUX.X64_180000_db_home.zip -d /u01/app/oracle/product/18.3.0/dbhome_1/

cd /u01/app/oracle/product/18.3.0/dbhome_1/

sed -e ‘/\s*#.*$/d’ -e ‘/^\s*$/d’ install/response/db_install.rsp > install/response/db_18c.rsp

cat install/response/db_18c.rsp
## Remove all other parameters and just leave the below ##

oracle.install.responseFileVersion=/oracle/install/rspfmt_dbinstall_response_schema_v18.0.0
oracle.install.option=INSTALL_DB_SWONLY
UNIX_GROUP_NAME=oinstall
INVENTORY_LOCATION=/u01/app/oraInventory
ORACLE_HOME=/u01/app/oracle/product/18.3.0/dbhome_1
ORACLE_BASE=/u01/app/oracle
oracle.install.db.InstallEdition=EE
oracle.install.db.OSDBA_GROUP=dba
oracle.install.db.OSOPER_GROUP=dba
oracle.install.db.OSBACKUPDBA_GROUP=dba
oracle.install.db.OSDGDBA_GROUP=dba
oracle.install.db.OSKMDBA_GROUP=dba
oracle.install.db.OSRACDBA_GROUP=dba

## If an error “[WARNING] [INS-13001] Oracle Database is not supported on this operating system 18c” pops up; the use parameter ignoreInternalDriverError in the runinstaller ##

./runInstaller -silent -responseFile install/response/db_18c.rsp -ignoreInternalDriverError

## As Root User ##
sh /u01/app/oracle/product/18.3.0/dbhome_1/root.sh

4. Silent Creation of Database using dbca silent mode

dbca -createDatabase -silent -gdbName ora18c -templateName General_Purpose.dbc -sysPassword sys123 -systemPassword sys123 -dbsnmpPassword sys123 -datafileDestination /u01/oradata -storageType FS -memoryPercentage 20 -emConfiguration NONE -sampleSchema false

[FATAL] [DBT-50000] Unable to check for available memory.
[FATAL] [DBT-50001] Unable to check the value of kernel parameter {0}

While creating a on-premise 18c (18.3) database with DBCA in the silent mode If you get above error. Then use the parameter -J-Doracle.assistants.dbca.validate.ConfigurationParams=false ; it can be used both in cli and gui ##

dbca -createDatabase -silent -gdbName ora18c -templateName General_Purpose.dbc -sysPassword sys123 -systemPassword sys123 -dbsnmpPassword sys123 -datafileDestination /u01/oradata -storageType FS -memoryPercentage 20 -emConfiguration NONE -sampleSchema false -J-Doracle.assistants.dbca.validate.ConfigurationParams=false

5. Create Listener for 18c

cd /u01/app/oracle/product/18.3.0/dbhome_1/admin/network

vi listener.ora

SID_LIST_LISTENER_18C =
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = ora18c)
(ORACLE_HOME = /u01/app/oracle/product/18.3.0/dbhome_1)
(SID_NAME = ora18c)
)
)

LISTENER_18C =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 103.42.111.196)(PORT = 1523))
)
)

lsnrctl start LISTENER_18C

Checking from SQL*PLUS

SQL*Plus: Release 18.0.0.0.0 – Production on Mon Aug 13 04:03:10 2018
Version 18.3.0.0.0

Copyright (c) 1982, 2018, Oracle. All rights reserved.

Connected to:
Oracle Database 18c Enterprise Edition Release 18.0.0.0.0 – Production
Version 18.3.0.0.0

SQL> select name,open_mode from v$database;

NAME OPEN_MODE
——— ——————–
ORA18C READ WRITE

Dkam7GRUwAA3XXJ.jpg large

Oracle 18c (18.3) DBCA Issue – [DBT-50000] [DBT-50001]

While creating a on-premise 18c (18.3) database with DBCA in the silent mode I got the below error

dbca -createDatabase -silent -gdbName ora18c -templateName General_Purpose.dbc -sysPassword sys123 -systemPassword sys123 -dbsnmpPassword sys123 -datafileDestination /u01/oradata -storageType FS -memoryPercentage 20 -emConfiguration NONE -sampleSchema false

[FATAL] [DBT-50000] Unable to check for available memory.
[FATAL] [DBT-50001] Unable to check the value of kernel parameter {0}

I am not too sure what exactly causes that error but i am suspecting their is something in the kernel parameters which is not right for the 18c installation, especially since i did not install the 18c per-requisites RPM and my Linux is CentOS 7.5

The Solution to this problem is to call dbca with below parameter, it can be used for CLI and GUI both.

-J-Doracle.assistants.dbca.validate.ConfigurationParams=false

Full DBCA command


dbca -createDatabase -silent -gdbName ora18c -templateName General_Purpose.dbc -sysPassword sys123 -systemPassword sys123 -dbsnmpPassword sys123 -datafileDestination /u01/oradata -storageType FS -memoryPercentage 20 -emConfiguration NONE -sampleSchema false -J-Doracle.assistants.dbca.validate.ConfigurationParams=false

Prepare for db operation
10% complete
Copying database files
40% complete
Creating and starting Oracle instance
42% complete
46% complete
50% complete
54% complete
60% complete
Completing Database Creation
66% complete
69% complete
70% complete
Executing Post Configuration Actions
100% complete
Database creation complete. For details check the logfiles at:
/u01/app/oracle/cfgtoollogs/dbca/ora18c.
Database Information:
Global Database Name:ora18c
System Identifier(SID):ora18c
Look at the log file “/u01/app/oracle/cfgtoollogs/dbca/ora18c/ora18c.log” for further details.

It will give some warnings but it is due to not using a strong password. But it should not have caused at any issues in creating the database. Lets check with SQLPLUS

SQL*Plus: Release 18.0.0.0.0 – Production on Mon Aug 13 03:13:45 2018
Version 18.3.0.0.0

Copyright (c) 1982, 2018, Oracle. All rights reserved.

Connected to:
Oracle Database 18c Enterprise Edition Release 18.0.0.0.0 – Production
Version 18.3.0.0.0

SQL> select name,open_mode from v$database;

NAME OPEN_MODE
——— ——————–
ORA18C READ WRITE

SCP and Pass Variable in Bash Script


#!/bin/bash

read -p 'Enter the Files to be Send to Remote Host: ' files
destination_directory='/home/oracle'

scp -i /Users/shadab/wha.pem $files oracle@192.168.1.200:$destination_directory

## SAMPLE USAGE ##
# shadabs-MacBook-Pro:~ shadab$ ./scp_files.sh
#Enter the Files to be Send to Remote Host: *.sh
#scp_files.sh 100% 344 39.1KB/s 00:00
#scp_files_gone.sh 100% 344 52.3KB/s 00:00
#
#
#shadabs-MacBook-Pro:~ shadab$ ./scp_files.sh
#Enter the Files to be Send to Remote Host: scp_files.sh
#scp_files.sh 100% 434 80.5KB/s 00:00

You can now add alias for this script in .bashrpc file

alias scpo=’sh /Users/shadab/scp_files.sh’

Multiple Homes and Instances Oracle Database Bash Profile


# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi

# User specific environment and startup programs
export CATALINA_HOME=/home/oracle/apache-tomcat
PATH=/bin:/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:/bin/bash:$CATALINA_HOME/bin.
export PATH
EDITOR=vi
export EDITOR=vi

if [ -s "$MAIL" ] # This is at Shell startup. In normal
then echo "$MAILMSG" # operation, the Shell checks
fi # periodically.

echo " "
echo " "
echo " ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
echo " Database options"
echo " "
echo " "
echo " 1) DATABASE 12cR2"
echo " "
echo " 2) DATABASE 12cR1"
echo " "
echo " "
echo " ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
echo " "
echo " "
echo " Enter Choice:\c"
read env
if [ $env -eq 1 ] ; then
export ORACLE_HOME=/u01/app/oracle/product/12.2.0/dbhome_1
export ORACLE_BASE=/u01/app/oracle
export ORACLE_SID=ora12cr2
PS1='$PWD:12cR2-->'

else
if [ $env -eq 2 ] ; then
export ORACLE_HOME=/u01/app/oracle/product/12.1.0/dbhome_1
export ORACLE_BASE=/u01/app/oracle
export ORACLE_SID=ora12cr1
PS1='$PWD:12cR1-->'
fi
fi
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/usr/lib:/lib
export LIBPATH=$ORACLE_HOME/lib32:$ORACLE_HOME/lib:/usr/lib:/lib
export PATH=$PATH:$ORACLE_HOME/bin:/u01/app/12.1.0.2/grid/bin:$ORACLE_HOME/OPatch
stty erase ^?
TMOUT=0;TIMEOUT=600;export readonly TMOUT TIMEOUT
set -o vi

echo ''
echo ''
clear
echo
echo "ORACLE_SID=$ORACLE_SID"
echo

alias tsmd='cd /opt/tivoli/tsm/client/oracle/bin64/'
alias ob='cd $ORACLE_BASE'
alias oh='cd $ORACLE_HOME'
alias tns='cd $ORACLE_HOME/network/admin'
alias ch='cd $CATALINA_HOME'
alias envo='env | grep ORACLE'
alias sqld='rlwrap sqlplus "/as sysdba"'
export PATH
umask 022

envo

Multiple Oracle Databases and Homes on Same Listener

On my test server I have got 2 ORACLE_HOMES 12cR1 (12.1.0.2) and 12cR2 (12.2.0.1)

My listener.ora file on my server looks something like below

SID_LIST_LISTENER_12CR2 =
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = ora12cr2)
(ORACLE_HOME = /u01/app/oracle/product/12.2.0/dbhome_1)
(SID_NAME = ora12cr2)
)
)

LISTENER_12CR2 =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.196)(PORT = 1521))
)
)

SID_LIST_LISTENER_12CR1 =
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = ora12cr1)
(ORACLE_HOME = /u01/app/oracle/product/12.1.0/dbhome_1)
(SID_NAME = ora12cr1)
)
)

LISTENER_12CR1 =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.196)(PORT = 1522))
)
)

$ lsnrctl start LISTENER_12CR2

$ lsnrctl start LISTENER_12CR1

Add Image to Column from URL Column Value Apex

Create a new interactive report based on SQL Query. Make sure the column where image is store is populated in the column ‘PHOTO’ of the table

Go to Columns > Column Formatting and add to HTML Expression below code

<img src=”#PHOTO#” alt=”Image Not Found” height=”200″ width=”260″>

– ‘PHOTO’ is the name of the column which holds URL for the image
– ‘height’ and ‘width’ is the size to which the image will be cropped
– ‘alt’ is the text which will be displayed if the URL is not valid

For “Report with Forms on Table”

Select the Item eg : P4_PHOTO

Change type to “Display Image” and settings to “Image URL stored in Page Item Value”

A Very Cool Oracle Bash Profile


# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi

# User specific environment and startup programs

PATH=$PATH:$HOME/.local/bin:$HOME/bin

export PATH

# Oracle Settings
export TMP=/tmp

export ORACLE_HOSTNAME=easyoradba.com
export ORACLE_UNQNAME=ora12c
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/12.2.0/dbhome_1
export ORACLE_SID=ora12c
export CATALINA_HOME=/home/oracle/apache-tomcat

PATH=/usr/sbin:$PATH:$ORACLE_HOME/bin:$CATALINA_HOME/bin

export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib;
export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib;

alias ob='cd $ORACLE_BASE'
alias oh='cd $ORACLE_HOME'
alias tns='cd $ORACLE_HOME/network/admin'
alias ch='cd $CATALINA_HOME'
alias envo='env | grep ORACLE'
alias sqld='rlwrap sqlplus "/as sysdba"'

umask 022

envo

Create pem file for SSH access Linux

It is always good practice to lock down password based logins and SSH using keys. We can use pem files to login to remote server from local machines. Infact if you use AWS, the only way to SSH into the server is using pem files.

This procedure can be done on any server cloud based or sitting on your LAN

1. On your local Machine from where you require access, I prefer to keep it in the home directory of the user

# cd $HOME

# ssh-keygen -t rsa -b 2048

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/shadab/.ssh/id_rsa): wha
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in wha.
Your public key has been saved in wha.pub.
The key fingerprint is:
SHA256:*******************************
The key’s randomart image is:
+—[RSA 2048]—-+
| |
| . |
|= o |
|oB . . |
| o+ .o S |
|.+.o= .. |
|+ o*.Xo.+ |
|o =o&.BO o |
| + E+X++=.. |
+—-[SHA256]—–+

The file which i chose to create is “wha”, this will create 3 files “wha”, “wha.pem”, “wha.pub”

wha.pem is empty for now
wha : is your private key
wha.pub : is your public key

 

 

2. Keep the private key (wha) as it is and create a pem file from it

# rsa -in wha -outform pem > wha.pem

writing RSA key

Now the pem file is created. Next step to copy public key to remote server

Note: If you dont have rsa utility on your local machine, with a simple copy command also you can create the pem file.

# cp -p wha wha.pem

 

 

3. Copy the public key to your remote server, which needs to be accessed

# ssh-copy-id -i wha.pub root@1.0.0.1

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “wha.pub”
The authenticity of host ‘1.0.0.1 (1.0.0.1)’ can’t be established.
ECDSA key fingerprint is SHA256:*************************.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
root@1.0.0.1 password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘root@1.0.0.1′”
and check to make sure that only the key(s) you wanted were added.

 

 

4. Change the permissions of your local machine pem file

# chmod 400 wha.pem

 

 

5. Login to remote server with pem file to check

# ssh -i /Users/shadab/wha.pem root@1.0.0.1

 

6. Disable SSH Access to server

On the remote server with root user

# vim /etc/ssh/sshd_config

Change parameter PasswordAuthentication yes to PasswordAuthentication no

Restart SSH Daemon

# systemctl restart sshd

or

# service sshd restart

 

P.S: If you need to do the same for any other user on the remote server. you just have to
copy the public key file with that user on the remote server

 

ssh-copy-id -i wha.pub oracle@1.0.0.1

ssh -i /Users/shadab/wha.pem oracle@1.0.0.1

 

 

Enable SSL Certificates for Oracle Apex 18.1 with Oracle Rest Data Services (ORDS) 18.1 hosted on Apache Tomcat 9

If you have a public facing APEX instance it would be mandatory to secure it with TLS 1.2 or SSL. If you want to enable https for a public facing web server, it’s always recommended to use a public certificate authority or at-least use Lets encrypt to generate certificates.Self-signed certificates are not to be put on a public expose service. Ideally, it is better to use a reverse proxy in front (like httpd or NGINX) with tomcat connecting to the DB in backend.

First step is to enable HTTPS from ORDS

——————- STEP A : Enable HTTPS for ORDS ————

Login to your ORDS on http://localhost:8080/ords

Login as “internal” workspace

Go to Manage Instance > Security

Enable HTTPS

Require HTTPS: Always
Require Outbound HTTPS : No

Apply Changes Save..Now go to Step B to enable HTTPS for Apache Tomcat

 

——————- STEP B :  Self-Signed Certificates for Tomcat which is only used on the local network  ————

Enable HTTPS for Apache Tomcat for localhost (this is only for webserver which is not facing the internet )

1. As Apache Tomcat User, generate a keystore with Java

su – tomcat

cd $HOME

pwd

— Check java version —

# which java

# java -version

# keytool -genkey -alias tomcat -keyalg RSA

Add below code to server.xml

 

<Connector SSLEnabled=”true” acceptCount=”100″ clientAuth=”false”
disableUploadTimeout=”true” enableLookups=”false” maxThreads=”25″
port=”8443″ keystoreFile=”/home/tomcat/.keystore” keystorePass=”yourpassword”
protocol=”org.apache.coyote.http11.Http11NioProtocol” scheme=”https”
secure=”true” sslProtocol=”TLS” />

 

 

Remove the HTTP connector tag from the server.xml file
Ensure ‘keystoreFile’ parameter correctly reflects where you created the key Java keystore

— Restart tomcat —

 

Access https://localhost:8443/
also http://localhost:8080/ will work

 

Configuring your app to work with SSL (Optional)
Add below code to web.xml file before web-app tag ends:

 

<security-constraint>
<web-resource-collection>
<web-resource-name>securedapp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

 

This configuration allows you to set SSL options for all an application’s pages in one place. For example, to disable SSL for all your application’s pages, change “CONFIDENTIAL” to “NONE”.
—————– STEP C : Let’s Encrypt SSL Certificates ————

Install Let’s Encrypt from EPEL repos

# yum install certbot -y

Create a certificate

1. If using httpd (in Apex ORDS this is not required goto step 2)
# certbot certonly –webroot -w /home/whadev/public_html -d whadev.whitehat-staging.com.au

2. If using Tomcat
# certbot certonly –webroot -w /home/oracle/apache-tomcat/webapps -d whadev.whitehat-staging.com.au

-w it is the path of ‘webapps’ directory in your CATALINA_HOME directory
-d your domain

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for whadev.whitehat-staging.com.au
Using the webroot path /home/whadev/public_html for all unmatched domains.
Waiting for verification…
Cleaning up challenges

IMPORTANT NOTES:
– Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/whadev.whitehat-staging.com.au/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/whadev.whitehat-staging.com.au/privkey.pem
Your cert will expire on 2018-10-07. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
“certbot renew”
– If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

# cd /etc/letsencrypt/live/whadev.whitehat-staging.com.au

Generate a PFX file, with certificates already issued by certbot:

# openssl pkcs12 -export -out bundle.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:yourpassword

Add in server.xml below connector tag and remove old Connector tag which was defined in Step B

 

<Connector
protocol=”org.apache.coyote.http11.Http11NioProtocol”
port=”443″ maxThreads=”200″
scheme=”https” secure=”true” SSLEnabled=”true”
keystoreType=”PKCS12″ keystoreFile=”/home/oracle/apache-tomcat/bundle.pfx” keystorePass=”yourpassword”
clientAuth=”false” sslProtocol=”TLS”/>

 

Restart Tomcat

 

 

Install Oracle Database 12cR2 Silent Mode on CENT OS 7 & Oracle Linux 7

If you are going to work on Oracle Database in cloud or in environments where X11 client or server is not available. It is always good to learn how to do a silent installation of Oracle. Specially in todays CI/CD devops model where dba’s have to provision DB servers using Ansible or other such tools. The base of doing such automation will require you to install Oracle from cli. In the below article we will do below 3 steps without any graphical user interface like X11, gnome, kde,vnc etc

1. Install Oracle 12.2.0.1 Database Software using a Response File

2. Create a Database with Response File

3. Create a Listener and Register the Database

I did the below setup on a cloud hosted server, running CENT OS 7, which came with bare minimum packages. It is always good to add different repositories which host all the important softwares for Linux

Now lets get started….

1. Add Groups

# groupadd oinstall
# groupadd dba
# groupadd oper
# groupadd backupdba
# groupadd dgdba
# groupadd kmdba
# groupadd asmdba
# groupadd asmoper
# groupadd asmadmin
# groupadd racdba

2. Add Oracle User

# useradd oracle -g oinstall -G dba,oper,backupdba,dgdba,kmdba

# passwd oracle

3. Check for missing packages

rpm -q --qf '%{NAME}-%{VERSION}-%{RELEASE}(%{ARCH})\n' binutils \
compat-libcap1 \
compat-libstdc++-33 \
elfutils-libelf \
elfutils-libelf-devel \
gcc \
gcc-c++ \
glibc \
glibc-common \
glibc-devel \
glibc-headers \
ksh \
libaio \
libaio-devel \
libgcc \
libstdc++ \
libstdc++-devel \
make \
libXext \
libXtst \
libX11 \
libXau \
libxcb \
libXi \
sysstat \
unixODBC \
unixODBC-devel

 

4. Install missing packages with Yum
eg:
# rpm -Uvh compat-libcap1

 

5. Update Kernel Parameters

Open sysctl.conf file and add the kernel parameters

# vi /etc/sysctl.conf

fs.file-max = 6815744
kernel.sem = 250 32000 100 128
kernel.shmmni = 4096
kernel.shmall = 1073741824
kernel.shmmax = 4398046511104
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
fs.aio-max-nr = 1048576
net.ipv4.ip_local_port_range = 9000 65500

 

6. Add Limits for Oracle user

Open file limits.conf and add below parameters

# vi /etc/security/limits.conf

 

–shell limits for users oracle 12gR1

oracle soft nofile 1024
oracle hard nofile 65536
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft stack 10240
oracle hard stack 32768

 

7. Create Bash Profile for Oracle user

 

# mkdir -p /u01/app/oracle/product/12.2.0/dbhome_1

# mkdir -p /u01/app/oracle/product/12.2.0/dbhome_1/network/admin

# mkdir -p /u01/app/oraInventory

# chown oracle:oinstall -R /u01

# vi .bash_profile

 

export TMP=/tmp

export ORACLE_HOSTNAME=easyoradba.com
export ORACLE_UNQNAME=ORA12C
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/12.2.0/dbhome_1
export ORACLE_SID=ORA12C

PATH=/usr/sbin:$PATH:$ORACLE_HOME/bin

export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib;
export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib;

alias ob=’cd $ORACLE_BASE’
alias oh=’cd $ORACLE_HOME’
alias tns=’cd $ORACLE_HOME/network/admin’
alias envo=’env | grep ORACLE’
umask 022
envo

# envo

8. Disable SELINUX and IPTABLES (Not a good thing to do on a production server, only for test !!!)

# vi /etc/selinux/config

set SELINUX=disabled

# service iptables stop
# chkconfig iptables off

 

9. Download Oracle Database binary to home directory and prepare the staging area

# su – oracle

# cd /home/oracle

# unzip Oracle_Database_12CR2_linux_x64_12201.zip

This creates a directory ‘database’ with the installation files in it

 

10. Create Response File and Install Database Software in Silent Mode

Create a copy of the response file and add parameters for installation

# cd /home/oracle/database/response

# ls -ltrh

-rwxrwxr-x 1 oracle oinstall 6.1K Jun 20 2016 netca.rsp
-rwxrwxr-x 1 oracle oinstall 25K Jan 5 2017 dbca.rsp
-rw-rw-r– 1 oracle oinstall 23K Jan 26 2017 db_install.rsp

# cp db_install.rsp ../

# vi db_install.rsp

Now add below values for the parameters as per the directory structure you created

 

oracle.install.option=INSTALL_DB_SWONLY
UNIX_GROUP_NAME=oinstall
INVENTORY_LOCATION=/u01/app/oraInventory
ORACLE_HOME=/u01/app/oracle/product/12.2.0.1/dbhome_1
ORACLE_BASE=/u01/app/oracle
oracle.install.db.InstallEdition=EE
oracle.install.db.OSDBA_GROUP=dba
oracle.install.db.OSOPER_GROUP=dba
oracle.install.db.OSBACKUPDBA_GROUP=dba
oracle.install.db.OSDGDBA_GROUP=dba
oracle.install.db.OSKMDBA_GROUP=dba
oracle.install.db.OSRACDBA_GROUP=dba
oracle.install.db.OSRACDBA_GROUP=dba
SECURITY_UPDATES_VIA_MYORACLESUPPORT=false
DECLINE_SECURITY_UPDATES=true

Make sure the above parameters are not duplicated if you will copy and paste the above values 🙂

 

# cd /home/oracle/database

# ./runInstaller -silent -responseFile /home/oracle/database/db_install.rsp

if you get error Oracle runInstaller – CreateOUIProcess(): 13 : Permission denied

Then change temporary directory to home directory and run installer again

# mkdir -p $HOME/tmp
# export TMP=$HOME/tmp

Run the installer again

# ./runInstaller -silent -responseFile /home/oracle/database/db_install.rsp

 

11. Run root scripts and complete install

If all goes well you will get below message

Starting Oracle Universal Installer…

Checking Temp space: must be greater than 500 MB. Actual 68933 MB Passed
Checking swap space: must be greater than 150 MB. Actual 3958 MB Passed
Preparing to launch Oracle Universal Installer from /home/oracle/tmp/OraInstall2018-07-05_04-21-40AM. Please wait …[oracle@vps database]$ You can find the log of this install session at:
/u01/app/oraInventory/logs/installActions2018-07-05_04-21-40AM.log
The installation of Oracle Database 12c was successful.
Please check ‘/u01/app/oraInventory/logs/silentInstall2018-07-05_04-21-40AM.log’ for more details.

As a root user, execute the following script(s):
1. /u01/app/oracle/product/12.2.0/dbhome_1/root.sh

 

Run the script by opening another session with root user and setup will complete successfully

Successfully Setup Software.

 

12. Create Database in Silent Mode

find the file dbca.rsp and make a copy of it and update below parameters

# cd $ORACLE_HOME/assistants/dbca/

# cp dbca.rsp $ORACLE_HOME

# vi dbca.rsp

gdbName=ora12c
sid=ora12c
databaseConfigType=SI
createAsContainerDatabase=false
templateName=General_Purpose.dbc
sysPassword=sys123
systemPassword=sys123
emConfiguration=NONE
datafileDestination=/u01/oradata
recoveryAreaDestination=/u01/fra
storageType=FS
characterSet=AL32UTF8
sampleSchema=TRUE
memoryPercentage=40

ora12c is global database name

# dbca -silent -createDatabase -responseFile dbca.rsp

53% complete
54% complete
55% complete
58% complete
Completing Database Creation
59% complete
60% complete
61% complete
64% complete
68% complete
69% complete
Executing Post Configuration Actions
100% complete

 

13. Create Listener and Register Database

# cd $ORACLE_HOME/network/admin

# vi listener.ora

LISTENER =
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521))
(ADDRESS=(PROTOCOL=ipc)(KEY=PNPKEY)))

# lsnrctl start

# sqlplus “/as sysdba”

SQL> alter database register;

# lsnrctl status

Services Summary…
Service “ora12c” has 1 instance(s).
Instance “ora12c”, status READY, has 1 handler(s) for this service…
Service “ora12cXDB” has 1 instance(s).
Instance “ora12c”, status READY, has 1 handler(s) for this service…
The command completed successfully