Configuring SSL & Certificates on OHS

 Step 1: Creating a wallet

Navigate to Middleware home --> oracle_common/bin

Set JAVA_HOME 

orapki wallet create -wallet path_to_keystore/wallet_name -auto_login_only

Step 2: Certification Creation

orapki wallet add -wallet path_to_keystore/wallet_name -dn "CN=External_DNS_NAME.com, OU=Unit_Name, O=Home Fragrance, L=South Deerfield, ST=MA. C=US" -keysize 2048 -validity 3650 -auto_login_only

Step 3: Display Wallet

orapki wallet display -wallet path_to_keystore/wallet_name

Step 4: Export CSR

orapki wallet export -wallet path_to_keystore/wallet_name -dn "CN=External_DNS_NAME.com, OU=Unit_Name, O=Home Fragrance, L=South Deerfield, ST=MA. C=US" -request Path_to_save_CSR/certificate.csr

Step 5:

Sent the CSR to CA to get that signed

Step 6:

Once the CA signed the certificate it will give you 4 certificate to be configured in the system

A. AddTrust.crt

B. TrustedSecure.crt

C. UserTrust.crt

D. ServerCertificate.crt

Step 7: Root and Intermediate Certificates import to trusted_cert

orapki wallet add -wallet path_to_keystore/wallet_name -trusted_cert -cert path_to_signed_certificated\AddTrust.crt -auto_login_only

orapki wallet add -wallet path_to_keystore/wallet_name -trusted_cert -cert path_to_signed_certificated\TrustedSecure.crt -auto_login_only

orapki wallet add -wallet path_to_keystore/wallet_name -trusted_cert -cert path_to_signed_certificated\USERTrust.crt -auto_login_only

orapki wallet add -wallet path_to_keystore/wallet_name -trusted_cert -cert path_to_signed_certificated\ServerCertificate.crt -auto_login_only

Step 8: Import Server certificate

orapki wallet add -wallet path_to_keystore/wallet_name -user_cert -cert path_to_signed_certificated\ServerCertificate.crt -auto_login_only

Step 9: If required you can change the port from 443 to any other port in ssl.conf file

Step 10: Set the proper keystore location path in ssl.conf

#Path to the wallet

SSLWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/default"

Step 11: Restart OPMN Services


Comments

Post a Comment

Popular posts from this blog

Oracle SOA Application Migration - Lift and Shift

Image
Oracle SOA Source Details Weblogic Version - 12.2.1.0.0 SOA Suit Version - 12.2.1.0.0 Oracle Linux Version - 6.0 Oracle SOA Target Details  As this is a lift and shit migration there is no upgrade hence the version of application remains same Weblogic Version - 12.2.1.0.0 SOA Suit Version - 12.2.1.0.0 Oracle Linux Version - 7.0 Steps to Migrate Oracle SOA using lift and shift method. 1) Copying the binaries from source to target 2) Configuring the domain with new database or existing database 3) Verifying the Domain configuration 4) Starting the application To start with this migration in details, assuming that you already have a database with all existing metadata schema available. As this is a lift and shift method you will even need to have all your existing schema exported and imported to the database where your migrated SOA will connect. 1) Copying the binaries from source to target This step includes copying your full application binaries with same mount...
Read more

Migrating Oracle Database from one instance to another using RMAN

Source DB Version: 12.1.0.2.0 Target DB Version: 12.1.0.2.0 Steps to Migrate Database from one instance to another: 1) Take Full RMAN backup with archivelog & current controlfile from source db. 2) Copy pfile and password file from source db to target db 3) Restore RMAN backup on Target DB On Source Side: We will be targeting to take a hot backup assuming we dont have downtime, hence it is necessary that database is up and running, if not please start the database. Just to note we can even take cold backup, my demonstration will be for hot backup. sqlplus / as sysdba startup Please check if the LOG_MODE is Archive select name,log_mode from v$database; Check for correct ORACLE_SID, if not set the ORACLE_SID echo $ORACLE_SID export ORACLE_SID=ORCL (To Set ORACLE_SID) Next step is to take RMAN Backup RMAN> backup database plus archivelog; RMAN> backup current controlfile; RMAN> exit Take a Pfile backup from the Source Instance SQL> cre...
Read more