| Bookshelf Home | Contents | Index | PDF |   |
|
Oracle® Business Intelligence Enterprise Edition Deployment Guide > Enabling Secure Communication in Oracle Business Intelligence > Creating Certificates and KeysFor secure communication to occur between Oracle BI components, the BI component acting as the server must possess a public key and a private key for session negotiation. A server certificate provides the public key and server identity information to the client Oracle BI component. If client authentication is to be enabled, then the client Oracle BI component must possess a client certificate and private and public keys. Public and private keys may be generated using toolkits such as OpenSSL. The tools also generate a certificate request to be signed by a commercial Certificate Authority (CA) such as Verisign To configure SSL you will require a server certificate (issued and signed by a trusted CA), a server public key and a private key. If client components are to be authenticated, then you will require a client certificate (issued and signed by a CA), a client public key and private key. The supported file formats are .pem, .cer (PEM encoding) and .der. Oracle Business Intelligence provides an executable called openssl along with a configuration file that can be used to create certificate requests and keys. The openssl executable is based on OpenSSL. OpenSSL uses the PEM file format to store certificates and keys. The certificate request can be submitted to an outside CA. For testing purposes, the certificate requests may be signed using the root Certificate Authority generated by the executable. For BI components such as BI Javahost and the BI Presentation Services Plug-in (Java Servlet) that are Java based, a Java certificate store must be created that contains all key and certificate data. The following are the steps to producing a certificate:
|
| |
| Oracle® Business Intelligence Enterprise Edition Deployment Guide | Copyright © 2006, Oracle. All rights reserved. | |