Oscar .deb updating

The advantage of using .deb installs is that it simplifies installation and updates.
Dr. Peter Hutton-Czapski has done an excellent job releasing new .debs on a regular basis.

Unfortunately, there can be some unexpected problems..

On an update from deb 169 to 494, I had an unexpected error when the deb could not be found.

The problem was that the dpkg version on the server was not compatible with the dpkg version used to create the .deb
ie. The server was running Ubuntu 10.04, which included an old version of dpkg ( ).

The only solution was to upgrade the server from Ubuntu 10.04 to 12.04.

Once that was done, the dpkg -i for the new deb ran properly.

The final issue was that the deb update script did not update the oscar_mcmaster database with all the schema changes.

To fix that, I ran a comparison between the existing oscar_mcmaster database and the upgraded oscar_12_1 database.

Once all the schema changes were done, Oscar ran perfectly.

Firefix update breaks Oscar access

A recent Firefox update (v 38) will block access if certain security settings are not in place.
If you try to login to Oscar and get:
Error code: ssl_error_weak_server_ephemeral_dh_key
then you need to update /etc/tomcat6/server.xml

You should add the ‘ciphers’ section.

<Connector port=”8443″ maxHttpHeaderSize=”8192″
maxThreads=”150″ minSpareThreads=”25″ maxSpareThreads=”75″
enableLookups=”false” disableUploadTimeout=”true”
acceptCount=”100″ scheme=”https” secure=”true” SSLEnabled=”true”
clientAuth=”false” keystoreFile=”/pathto.keystore” sslProtocol=”TLS”
ciphers=”TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA” />

After saving the change, just restart tomcat6.
sudo service tomcat6 restart