Oracle Internet Directory 11g. As it set up SSL on port 636
Usually, when the Oracle Internet Directory 11g is set to standard ports, there is no problem with SSL.
When you want to SSL working on port 636, you must configure SSL in accordance with article in the Oracle® Fusion Middleware Administrator's Guide for Oracle Internet Directory 11g Release 1 (11.1.1) Part Number E10029-02
http://docs.oracle.com/cd/E14571_01/oid.1111/e10029/ssl.htm
I set up through WLST, and as it turned out, there are errors in the article.
addSelfSignedCertificate function accepts input parameters is not 8, as indicated in the article, and 7.
I have it correctly configured to the following parameters addSelfSignedCertificate ( 'asinst_1', 'oid2', 'oid', 'oid', 'Zzzzzzzz', 'cn = oid', '512').
When configuring the file "myfile.prop" select an encryption algorithm.
Select the first of these "SSL_RSA_WITH_RC4_128_MD5".
Total received the following list of executed commands:
1. Run wlst
2. connect ( 'weblogic', 'Zzzzzzzz', '192.168.1.1:7001')
3. listWallets ( 'asinst_1', 'oid2', 'oid')
4. custom ()
5. ls ()
6. cd ( 'oracle.as.oid')
7. ls ()
8. listWallets ( 'asinst_1', 'oid2', 'oid')
9. createWallet ( 'asinst_1', 'oid2', 'oid', 'oid', 'Zzzzzzzz')
10. addSelfSignedCertificate ( 'asinst_1', 'oid2', 'oid', 'oid', 'Zzzzzzzz', 'cn = oid', '512')
11. configureSSL ( 'asinst_1', 'oid2', 'oid', 'sslport1', 'myfile.prop')
myfile.prop file is put in the directory / oracle / Oracle_IDM1 / common / bin, where ran ./wlst.sh
File contents:
KeyStore = oid
AuthenticationType = Server
SSLVersions = nzos_Version_1_0
Ciphers = SSL_RSA_WITH_RC4_128_MD5
SSLEnabled = true
12. Restart the OID
13. ./opmnctl updatecomponentregistration -adminHost 192.168.1.1 -adminPort 7001 -adminUsername weblogic -componentType OID -componentName oid2 -Port 389 636 -Sport
Done.
Hiç yorum yok:
Yorum Gönder