Professional Documents
Culture Documents
Enable SSL For EBS R12.1
Enable SSL For EBS R12.1
Enable SSL For EBS R12.1
HOME MY ORACLE ACE JOURNEY ORACLE LINUX SQL QUERIES TRAININGS MY YOUTUBE
In this post, I am sharing how to implement SSL for EBS R12 from the command line using orapki.
Note: No wild card certificate allowed in this method and this will enable only TLS1.0
Login EBS Application server and source using environment file (APPS<sid_machine>.env) located in the
APPL_TOP directory.
1. Navigate to the $INST_TOP/ora/10.1.3 and source the env file to set your 10.1.3
ORACLE_HOME variables.
bash-4.1$ cd $INST_TOP/Apache
bash-4.1$ ls -ltr
total 16
1. Below are the details required to be passed to generate csr file.
3. Use command as below to generate certificate request file and export it.
$ cd $INST_TOP/certs/Apache/
Requested Certificates:
Subject: CN=funebs121.lab,OU=IT,O=Funlab,L=Delhi,ST=Delhi,C=IN ß File requested
User Certificates:
Trusted Certificates:
Then submit the generated request file(server.txt) to Certifying authority to request a self-signed certificate.
1. As the certificate provided is self signed, once Certifying authority provides Self-signed Server
Certificate we need additional certificates to import them to the wallet. We need to download root
certificate, intermediate certificates to import server certigficate to wallet.
2. Once certificate is received save the file as server.crt in ($INST_TOP/certs/Apache). Also import
all the root certificates of this certificate and save certificates with necessary conventions as below.
Server.crt - server_base64.cer
Root & Intermediate certificates can be obtained from Internal Certifying authority if you are using self signed
certificates.
3. Ftp the certificate files to the server and place them in $INST_TOP/certs/Apache directory.
bash-4.1$ cd $INST_TOP/certs/Apache
5. Display Wallet contents and you should see all the certificates uploaded to wallet.
Requested Certificates:
User Certificates:
Subject: CN=funebs121.lab,OU=HR,O=Funlab,L=Delhi,ST=Delhi,C=IN
Trusted Certificates:
Subject: CN=Intermediate Authority,O=Funlab,C=US
6. We need to import root & intermediate certificates to b64InternetCertificate.txt file located in the
10.1.2 ORACLE_HOME/sysman/config directory.
$ cd $INST_TOP/certs/Apache/
Modify the OPMN wallet
As default opmn wallet comes with demo wallet files, these should be now replace with newly created wallets
as below.
3. Move the ewallet.p12 and cwallet.sso files to the BAK directory just created.
4. Copy the ewallet.p12 and cwallet.sso files from the $INST_TOP/certs/Apache directory to the
$INST_TOP/certs/opmn directory.
$ cd $INST_TOP/certs/opmn
$ mkdir BAK
$ mv * BAK/
$ cp ../Apache/ewallet.p12 .
$ cp ../Apache/cwallet.sso .
cd $OA_JRE_TOP/lib/security
cp cacerts cacerts.orig
4. Copy your ca.crt and server.crt files to this directory and issue the following command to insure
that cacerts has write permissions:
bash-4.1$ cd -
/oracle/orainst1/d112uk/inst/apps/d112uk_camcfnldap01/certs
bash-4.1$ cd Apache/SSL/
bash-4.1$ ls
Server_base64_certificate.cer ca.crt intermediate_base64.cer
bash-4.1$ cd $OA_JRE_TOP/lib/security
2. Modify all below variables in the context file and save it.
To enable SSL on the Database Tier, We need to import server certificate,ca.crt (and intca.crt if it exists) by
creating an empty wallet.
SQL> /
FND_PROFILE.VALUE('FND_DB_WALLET_DIR')
--------------------------------------------------------------------------------
/u01/GOLD/db/tech_st/11.2.0/appsutil/wallet
3. After setting your environment for the database tier, navigate to the $ORACLE_HOME/appsutil
directory.
7. FTP the certificate files from application server to database server and import them into this Linux scripts R12.2 sudofoa
newly created wallet as below.
Shell Scripting Oracle Cloud
bash-4.1$ pwd
Oracle Database
$ orapki wallet add -wallet $ORACLE_HOME/appsutil/wallet -trusted_cert -cert root_base64.cer -pwd Oracle RAC R12.2 Installation
apps123
Oracle 11g ADOP AWK
$ orapki wallet add -wallet $ORACLE_HOME/appsutil/wallet -trusted_cert -cert intermediate_base64.cer -pwd Oracle Virtual Box Unix
apps123
RAC Installation
Oracle Linux Installation Linux Mint 18
$ orapki wallet add -wallet $ORACLE_HOME/appsutil/wallet -trusted_cert -cert
MultiNode R12.2 AWS DataGuard
123080_base64_certificate.cer -pwd apps123
Linux Mint Amazon Web Services
Autoconfig BIND
8. Test the wallet created from above steps as below and it should return page content.
Concurrent Managers DNS Docker
The above query should return HTML output. Postgres Postgres Installation
Post a Comment
Enter Comment
Comments UrbanPro
Fusion Infotech
Thanks for the nice post. As we provide Oracle
EBS...
r
Trainings Reviews
Great Article Artificial Intelligence Projects Jav...
Have you taken taking from me!! Reviews
Request for a Certificate
Community Forums
Join Telegram Groups
© 2023 - FOA(Fun Oracle Apps) -Learn Oracle Apps/Linux Admin/Bash Scripting/Core/RAC/Datagaurd DBA/Cloud Home AboutMe Disclaimer SiteMap Contact