SSL

Enabling SSO: Configuring the Wallet (Optional)

The HTTP Server comes with a preconfigured wallet that is used for SSL authentication. The "ssl.conf" file has already been configured to use this wallet. The wallet location is specified in this file with the "SSLWallet" parameter. By default this parameter points to the "ewallet.p12" file, which is located in your $ORACLE_HOME/Apache/Apache/conf/ssl.wlt/default directory. For this reason it is not necessary to configure a new certificate or wallet for the HTTP Server. However, you may want to create a new certificate and place it in a new wallet and wallet location. The following steps show how to create a new certificate and wallet and how to modify the wallet location for the HTTP Server.

Edit the ssl.conf file

Before you begin, make a backup copy of your "ewallet.p12" wallet file, which is located in your $ORACLE_HOME/Apache/Apache/conf/ssl.wlt/default directory.

Change directory to $ORACLE_HOME/Apache/Apache/conf
Copy the ssl.conf file to a backup file. Example:
Open the file ssl.conf in a text editor.
Locate the line in the file that starts with "SSLWallet file:/"
Change this line to read:
    SSLWallet file:/your/oracle/home/path/oca/wallet/ssl
Now search for the line that contains "SSLVerifyClient". This line might be commented out. Remove any "#" character at the start of the line.
Change this line to look like this:
    SSLVerifyClient optional
Save your changes and exit the editor.

Reset the Wallet password

Run the following command:
    # $ORACLE_HOME/oca/bin/ocactl setpasswd -type CASSL
Enter the OCA administrator's password.
Enter the new wallet password.
Confirm the new wallet password.

Verify your wallet is "Ready"

Start Oracle Wallet Manager.
Click on the "Open Wallet" button.
If you see a message telling you that your default wallet home has not been set and asking whether you want to continue, select "Yes".
Navigate to $ORACLE_HOME/oca/wallet/ssl and then click the "OK" button.
Enter the wallet password.
When your wallet is open, verify that the Certificate status is "Ready".
Exit Oracle Wallet Manager.

Restart your Oracle AS infrastructure

    # $ORACLE_HOME/oca/bin/ocactl stop
Enter the OCA administrator's password.
    # emctl stop iasconsole
    # opmnctl stopall
    # opmnctl startall
    # emctl start iasconsole
    # $ORACLE_HOME/oca/bin/ocactl start
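
The check below is an added example, not part of the original Oracle page: a shell function that confirms both ssl.conf edits are active (an uncommented SSLWallet pointing at the new wallet directory and an uncommented "SSLVerifyClient optional") before the infrastructure is restarted. The function names and the sample file contents are constructed for illustration, and it assumes each directive sits on a single line.

```shell
#!/bin/sh
# Added example (not Oracle's code): confirm the two ssl.conf edits took effect.

# Print each distinct value of a directive, ignoring commented-out lines.
active_values() {   # $1 = directive name, $2 = config file
    awk -v d="$1" '
        /^[ \t]*#/ { next }
        $1 == d    { $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$2" | sort -u
}

# Return 0 only if SSLWallet points at the expected directory and
# SSLVerifyClient is active and set to "optional".
check_ssl_conf() {  # $1 = ssl.conf path, $2 = expected wallet directory
    rc=0
    wallet=$(active_values SSLWallet "$1")
    verify=$(active_values SSLVerifyClient "$1")
    if [ "$wallet" != "file:$2" ]; then
        echo "SSLWallet: got '${wallet:-none active}', want 'file:$2'" >&2
        rc=1
    fi
    if [ "$verify" != "optional" ]; then
        echo "SSLVerifyClient: got '${verify:-none active}', want 'optional'" >&2
        rc=1
    fi
    return $rc
}

# Constructed sample: wallet path changed, but SSLVerifyClient left commented out.
write_sample_conf() {   # $1 = output file
    cat > "$1" <<'EOF'
<VirtualHost _default_:443>
SSLEngine on
SSLWallet file:/your/oracle/home/path/oca/wallet/ssl
#SSLVerifyClient require
</VirtualHost>
EOF
}

tmp=$(mktemp)
write_sample_conf "$tmp"
if check_ssl_conf "$tmp" /your/oracle/home/path/oca/wallet/ssl; then
    echo "ssl.conf OK"
else
    echo "ssl.conf needs attention before restart"
fi
rm -f "$tmp"
```

Against a real installation, pass the path to $ORACLE_HOME/Apache/Apache/conf/ssl.conf and the wallet directory you configured; a file that sets the same directive to different values in several places is reported as a mismatch.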