Java: Import AWS RDS certificate

To establish secure connection between Java application and AWS MySQL RDS instance the ssl/tls certificate needs to be imported in to JVM.

Step #1: Find Java home

Using the following commands you can find the Java home directory

whereis java
ls -l /etc/alternatives/java

Step #2: backup existing cacerts file for future reference

cp $JAVA_HOME/jre/lib/security/cacerrts $JAVA_HOME/jre/lib/security/cacerrts.original

Here are the steps to import RDS certificate into JVM

openssl x509 -outform der -in rds-ca-2019-root.pem -out rds-ca-2019-root.der
keytool -import -alias rds-root -keystore $JAVA_HOME/jre/lib/security/cacerrts -file rds-ca-2019-root.der
openssl x509 -outform der -in rds-ca-2019-us-west-2.pem -out rds-ca-2019-us-west-2.der
keytool -import -alias rds-intermediate -keystore $JAVA_HOME/jre/lib/security/cacerts -file rds-ca-2019-us-west-2.der

Step #3: Update JDBC url in your Java application

Here is the sample JDBC url with SSL enabled


Design pattern to scale relational database horizontally

Database scalability is one of the critical factor in designing scalable web application. All the four major cloud vendors (Amazon, Microsoft, Google and Oracle) offers relational database as service which abstracts several complexities for developers to setup and manage database servers that helps developers focus on core application development. Even with cloud vendors’ service based offering scaling database horizontally (or scale out) still a challenge which developers can resolve at application level. In this post I would like to talk about the challenges and possible solution for same.

Read more of this post

Monitoring HttpSession memory leak during JavaEE development

In my previous post I have provided a sample servlet filter to monitor non-serializable objects in HttpSession to make the JavaEE application compatible for clustered environment. We have enhanced the same servlet filter to log HttpSession object size which is helping us to find the memory leak during the development.

Here is the Java code
Read more of this post

Java: Sample Active Directory authentication code

Here is a sample Java code to authenticate against Windows Active Directory server.

  • The code finds all available active directory servers in your network.
  • It uses one of the available active directory server for authentication.
  • If an active directory server is down then it starts using next available server if any.
  • This class is thread-safe, you can create one instance and re-use them multiple times.
  • I tested this code from Linux and Windows box.

You can find the below source code in GitHub as well.
Read more of this post

Some statistics on programming language

Some interesting statistics on open source programming language based on TIOBE Programming Community Index.

Programming Language First
Oct 2013


































JavaEE – Clustering support in JSF, Wicket, ZK, etc.

When a seasoned MVC framework developer starts writing code in component based framework like JSF, Wicket, ZK, etc. they fail to understand the basic differences between MVC and component based framework because they could write code which can work in non-clustered environment i.e. in single JVM deployment. When the same application is deployed in a clustered environment they start realizing the difference which will require lots of effort revisit all the code and make it compatible for clustering. I am going to talk about a few guidelines on making development (on top of component based framework ) cluster aware.
Read more of this post

Simple vs. Complex design

Some of my favorite quotes and comments about simple vs. complex design.

  • achieving a simple, elegant design is very hard work but
  • since the design is so simple and elegant it looks like it should be easy.
  • so you get less credit than if you design something that looks complicated

Read more of this post

Capture Heap dump from Tomcat Windows Service

Add the following options into Tomcat >> Java >> Java Options

  • Goto JAVA_HOME/bin directory and launch jconsole.exe application
  • In the remote process box enter localhost:8086 and click Connect button
  • Switch to the MBeans tab
  • select – HotSpotDiagnostic – Operations – dumpHeap in the tree on the left
  • Pressing the dumpHeap button creates the heap dump. The parameter called p0 allows you to specify into which target file the heap is dumped.

Alternative to JPA / Hibernate

Ours is a legacy application, we are migrating from desktop to JavaEE web based application. Since it is desktop application database triggers, functions and procedures are heavy used to do lots important functionality. Some of our team members were proposing JPA to move trigger, function and procedure logic to Java layer but many of us (including me) felt is too risky for our business, time to market and lots of data needs to be migrated.

I started looking for a simple alternative framework for JPA which can help us to retain database objects at the same time simplify our Java code like JPA . Here are my findings Read more of this post

Java vs. JavaScript coding

In today’s web programming many Java developers write JavaScript coding hence they tend to follow Java best practice and coding style in JavaScript as well. But there is huge amount of difference in both the coding style and best practices.

Read more of this post

There is no language yet available to replace Java!

There is a perception created in the software development industry that Java is out-dated and Ruby, Python, Scala, etc. are going to take over Java’s position. Some “hyper-enthusiasts” are already left Java platform. Sun’s profit model collapse, Applet, Jini, EJB and JSF heavyweight framework failures added fuel to these campaigns. I still believe no language yet available in the market to replace Java. I don’t have to talk why Java is better because it is proven solution for more than a decade but I would like to talk about how false campaigns are created by “hyper-enthusiasts”. It is easy to fall into these false campaigns because as a developer we want new challenges and something new to learn. Read more of this post

Wish you a happy new year 2010

When your views on the world and your intellect are being challenged and you begin to feel uncomfortable because of a contradiction you’ve detected that is threatening your current model of the world or some aspect of it, pay attention. You are about to learn something. This discomfort and intellectual conflict is when learning is taking place.
~ William H. Drury, quoted in Chance and Change: A collection of essays on human ecology written the faculty and staff of College of the Atlantic (Dedication, 1991)

Wicket in OC4J / OracleAS

Recently I tried deploying wicket framework based web application in OC4J container it didn’t work, whereas the same code works well in Tomcat. While googling found a few solution which recommends to use wicket servlet configuration instead of servlet filter to resolve the issue. I did the same but no luck. Then I tried associating a bookmarkable page for the homepage then it works well. Here is the code snippet: Read more of this post

JRebel – a productive tool for Java developers

Java Rebel – a very useful productive tool
One of my friend told me about JavaRebel. Later I tried with eclipse it worked well. The installation and setups are very simple and easy. It saves a lot of time for enterprise class projects. Now you don’t have to restart Tomcat for each changes. Try out today, enjoy the productivity.

Java – Object XML Mapping

Have you written 1000s of buggie lines of code to parse XML? Generating an XML is easy but when it comes to XML parsing/import it is hard. We have to think about many scenarios and deal with many combinations. I use to prefer XPath API for XML import because I can fetch required values as they way/order I want rather than iterating all nodes in DOM structure. XPath is better than DOM coding but is not the best solution. So I started looking for a solution similar to Hibernate for XML to Object translation. Read more of this post