Supported Cipher Suites                  Encryption      Data Integrity
SSL_RSA_WITH_3DES_EDE_CBC_SHA            DES40           SHA
SSL_RSA_WITH_RC4_128_SHA                 RC4_40          SHA
SSL_RSA_WITH_RC4_128_MD5                 None            MD5
SSL_RSA_WITH_DES_CBC_SHA                 None            SHA
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA        3DES_EDE_CBC    SHA
SSL_DH_anon_WITH_RC4_128_MD5             RC4_40          MD5
SSL_DH_anon_WITH_DES_CBC_SHA             DES_CBC         SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5           RC4_40          MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA        DES40           SHA
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5       RC4_40          MD5
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA    DES40           SHA

SSL Setup: Authentication Methods and Configuration set creation

There are three ways to set up SSL with OID:

SSL No Authentication

SSL One Way Authentication, a.k.a. Server Authentication

SSL Two Way Authentication, a.k.a. Client and Server Authentication

Before we explore these three methods, we should create a new OID configuration set and restart OID using it. The default OID configuration set will work for the hands-on exercises in this section, but it is a good idea to leave the default configuration set alone and work with a new one. This way, if you make a mistake, you can quickly restart OID using the default configuration set.

Creating a new OID Configuration Set

Every OID server configuration set has both an SSL and a non-SSL port. In other words, when you start an OID server instance you have two ports listening for LDAP requests: one is SSL-enabled and the other is non-SSL.

Configure a new OID server configuration set using the Oracle Directory Manager. If you completed the server configuration set hands-on exercise in the section titled "Start and Stop OID" you can skip this hands-on exercise.

Configuration Setup Steps

In the Oracle Directory Manager navigate to Server Management -> Directory Server -> Default Configuration Set.

Highlight the "Default Configuration Set" and then select "Create Like".

A new window will appear with all of the same configuration set information as the "Default Configuration Set".

Under the "General" tab change the "Number of Child Processes" to 4.

Under the "General" tab change the "Non SSL Port" number to 4054.

Under the "SSL Setting" tab change the "SSL Port" number to 4055.

Click OK.

Now stop the OID server and restart it using the new "Configuration Set1".

Example: oidctl connect=iasdb server=oidldapd instance=1 stop

Wait! Verify the oidldapd server processes have stopped before starting the server again.

Example: oidctl connect=iasdb server=oidldapd instance=1 configset=1 start

Now verify the connection to the new configset by connecting to OID using the non-SSL port number 4054.

Now you're finished.
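The stop, wait, start and verify steps above as one script; this is an added example, not Oracle's tooling or part of the original exercise. It assumes `oidctl` and Oracle's `ldapbind` are on the PATH and that anonymous binds are allowed; the function names and the `TRIES`, `DELAY` and `OID_HOST` variables are hypothetical.

```shell
#!/bin/sh
# Added example. connect=iasdb and instance=1 are the page's values;
# OID_HOST, TRIES and DELAY are assumed tunables.
CONNECT=${CONNECT:-iasdb}; INSTANCE=${INSTANCE:-1}
TRIES=${TRIES:-30}; DELAY=${DELAY:-2}

# Succeeds while any oidldapd process exists ([o] keeps grep from matching itself).
list_oidldapd() {
    ps -ef | grep '[o]idldapd'
}

# The page's "Wait!" step: poll until every oidldapd process has exited.
wait_for_stop() {
    tries=$TRIES
    while [ "$tries" -gt 0 ]; do
        list_oidldapd >/dev/null 2>&1 || return 0
        tries=$((tries - 1))
        sleep "$DELAY"
    done
    return 1
}

# Anonymous bind to the non-SSL port (assumes anonymous binds are allowed).
check_port() {
    ldapbind -h "${OID_HOST:-localhost}" -p "$1" >/dev/null 2>&1
}

# Usage: restart_with_configset <configset> <non-ssl-port>
# Returns 0 ok, 1 oidctl failed, 2 old processes still running, 3 port silent.
restart_with_configset() {
    configset=$1; port=$2
    oidctl connect="$CONNECT" server=oidldapd instance="$INSTANCE" stop || return 1
    if ! wait_for_stop; then
        echo "oidldapd still running; not starting configset $configset" >&2
        return 2
    fi
    oidctl connect="$CONNECT" server=oidldapd instance="$INSTANCE" \
        configset="$configset" start || return 1
    tries=$TRIES   # the listener may take a moment to open, so retry the bind
    while [ "$tries" -gt 0 ]; do
        check_port "$port" && return 0
        tries=$((tries - 1))
        sleep "$DELAY"
    done
    echo "no LDAP answer on port $port" >&2
    return 3
}

# Runs only when both arguments are given, e.g.: sh restart_oid.sh 1 4054
if [ "$#" -eq 2 ]; then restart_with_configset "$1" "$2"; fi
```

If the script returns 2 or 3, restart with the default configuration set by issuing the start command without `configset=1`.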
