To enable SSL for ebs first we need to create a oracle wallet which will be used by SSL otherwise SSL Configuration will fail
------------------------------------------------------
Fix JRE
Log on to the application (middle) tier, as the OS user who owns the application tier files.
Source your
-------------------------------------------------------
[oracle@ebs ~]$ cd $APPL_TOP
[oracle@ebs appl]$ . ./VIS_ebs.env
-------------------------------------------------------
Navigate to the $INST_TOP/ora/10.1.3 and source the
[oracle@ebs ~]$ cd $INST_TOP/ora/10.1.3
[oracle@ebs 10.1.3]$ . ./VIS_ebs.env
*******************************************************
Create a Wallet
Verify the location of the Web SSL directory:
-------------------------------------------------------
[oracle@ebs 10.1.3]$ grep s_web_ssl_directory $CONTEXT_FILE
Navigate to this directory, which will have Apache and opmn subdirectories
[oracle@ebs 10.1.3]$ cd /u01/oracle/VIS/inst/apps/VIS_ebs/certs
[oracle@ebs certs]$ ls
Apache ewallet.p12 opmn
--------------------------------------------------------
Change to the Apache subdirectory
[oracle@ebs certs]$ cd Apache
[oracle@ebs Apache]$
---------------------------------------------------------
Backup any existing wallets (demo certificates are included in Release 12)
---------------------------------------------------------
Create your new wallet:
[oracle@ebs Apache]$ orapki wallet create -wallet . -auto_login -pwd oracle123
"-wallet ." (note the ".") tells orapki that you want to create the wallet in the current directory. You can also specify the full path to any directory where you wish to create a wallet.
" -auto_login" tells orapki that you want to create cwallet.sso which is an obfuscated copy of ewallet.p12. With auto login enabled, processes submitted by the OS user who created the wallet will not need to supply the password to access the wallet.
Error
/u01/oracle/VIS/apps/tech_st/10.1.3/bin/orapki: line 108: /nfs/bld/d26/PRDXBLD9/apps/tech_st/10.1.3/jdk/jre//bin/java: No such file or directory
Reason:
jre path is wrong in orapki file so edit it with text editor and replace
/nfs/bld/d26/PRDXBLD9/apps/tech_st/10.1.3/
with
/u01/oracle/VIS/apps/tech_st/10.1.3/
------------------------------------------------------------
Try again
[oracle@ebs Apache]$ orapki wallet create -wallet . -auto_login -pwd oracle123
You should now see two wallet files in your directory: cwallet.sso and ewallet.p12.
-------------------------------------------------------------
Add Certificated
Add your self-signed certificate to the wallet.
Enter the following command all on one line, substituting the appropriate parameters for your instance:
[oracle@ebs Apache]$ orapki wallet add -wallet . -dn "CN=ebs.localdomain,OU=Unit,O=Org,L=Orlando,ST=Florida,C=US" -keysize 1024 -self_signed -validity 3650 -pwd oracle123
Your wallet is now ready for use in environments where security is not required (as mentioned in the warning note above, self-certification is by definition not secure).
--------------------------------------------------------------
Update Context File parameters
Now Login to EBS and navigate to OAM
Run AutoConfig on application tier to propagate changes
Navigate to $APPL_TOP directory
[oracle@ebs ~]$ cd $APPL_TOP
Source environment file
[oracle@ebs appl]$ . ./VIS_ebs.env
Navigate to Scripts folder under $INST_TOP/admin/scrips (/u01/oracle/VIS/inst/apps/VIS_ebs/admin/scripts)
----------------------------------------------------
[oracle@ebs appl]$ cd $INST_TOP/admin/scriptsRun Autoconfig
[oracle@ebs scripts]$ adautocfg.sh
Enter the APPS user password:
---------------------------------------------------
Restart Application Node Services. Now SSL is enabled for EBS
Open Oracle Forms You can see https is enabled for forms(port 4443) as well
No comments:
Post a Comment