OAM11gR2: Enabling SSL in the Data Store
Posted
by Ekta Malik
on Oracle Blogs
See other posts from Oracle Blogs
or by Ekta Malik
Published on Tue, 4 Dec 2012 01:42:41 +0000
Indexed on
2012/12/04
11:19 UTC
Read the original article
Hit count: 457
/Oracle
Enabling SSL in the Data Store of OAM11gR2 comprises of the below mentioned steps.
- Import the certificate/s required for establishing the trust with the Store(backend) in the keystore(cacerts) on the machine hosting OAM's Weblogic Admin server
- Restart the Weblogic Admin server
- Specify the <Hostname>:<SSL port> in the "Location" field of the Data Store and select the "Enable SSL" checkbox
Pre-requisite:-
- Certificate/s to be imported are available for import
- Data Store has already been created using OAM admin console and the connection to the store is successful on non-SSL port( though one can always create a Data Store with SSL settings on the first go)
Steps for importing the certificate/s:-
One can use the keytool utility that comes bundled with JDK to import the certificate. The step for importing the certificate would be same for self-signed and third party certificates (like VeriSign)
$JAVA_HOME/bin/keytool -import -v -noprompt -trustcacerts -alias <aliasname> -file <Path to the certificate file> -keystore $JAVA_HOME/jre/lib/security/cacerts
Here $JAVA_HOME refers to the path of JDK install directory
Note: In case multiple certificates are required for establishing the trust, import all those certificates using the same keytool command mentioned above
One can verify the import of the certificate/s by using the below mentioned command
$JAVA_HOME/bin/keytool -list -alias <aliasname>-v -keystore $JAVA_HOME/jre/lib/security/cacerts
When the trust gets established for the SSL communication, specifying the SSL specific settings in the Data Store (via OAM admin console) wouldn't result into the previously seen error (when Certificates are yet to be imported) and the "Test Connection" would be successful.© Oracle Blogs or respective owner