Oracle^® Business Intelligence Enterprise Edition Deployment Guide > Enabling Secure Communication in Oracle Business Intelligence > Configuring Oracle Business Intelligence to Communicate Over SSL >

Configuring Oracle BI Javahost for Communication Over SSL

The BI Javahost component is Java based and uses the Java Keystore to store certificates and keys that it uses. The keystore that was created in topic Creating the Java Keystore is used.

BI Javahost is configured by setting the config.xml file. The SSL-related settings are under the Listener node. The Secure element when set to true enables SSL. The SSL sub-element under the Listener nodes specifies additional SSL settings.

To configure Oracle BI Javahost for communication over SSL

1. Open the config.xml file for editing. This file is located in the OracleBI_HOME/web/config directory. On UNIX, this file is located in the OracleBI_HOME/web/config directory.
2. Add the following SSL-related elements and values under the Listener node as shown in the following example:

   <Listener>
   
   .
   <Secure>Yes</Secure>
      <SSL>
         <CertAlias><Alias for certificate and key></CertAlias>
         <CertStoreFile><Path and filename for keystore containing certificate and key></CertStoreFile>
         <CertStorePwd><Keystore password></CertStorePwd>
         <KeyPwd><Password for CertAlias; same as CertStorePwd></KeyPwd>
         <CertStoreType>JKS</CertStoreType>
          <TrustStoreFile><Path and filename for trust store containing CAs></TrustStoreFile>
         <TrustStorePwd><Password for Trust Store></TrustStorePwd>
         <TrustStoreType>JKS</TrustStoreType>
         <TrustAnyPeer>Y</TrustAnyPeer>
   
      <!-- <EnabledCipherSuites/> -->
      </SSL>
   .
   .
   </Listener>

NOTE:  The config.xml file has the above-mentioned elements commented out. You may choose to uncomment the elements and add the corresponding values. Or, you may leave the elements commented out and create new ones as described above.

After modification, the config.xml file should be similar to the following example:

<Listener>
  .
   <Secure>Yes</Secure>
   <SSL>
      <CertAlias>jobmanagerkey</CertAlias>
      <CertStoreFile>D:\OracleBI\ssl\jobmanager.keystore</CertStoreFile>
      <CertStorePwd>analytics</CertStorePwd>
      <KeyPwd>analytics</KeyPwd>
      <CertStoreType>JKS</CertStoreType>
      <TrustStoreFile>D:\OracleBI\ssl\jobmanager.keystore</TrustStoreFile>
      <TrustStorePwd>analytics</TrustStorePwd> <TrustStoreType>JKS</TrustStoreType>
      <TrustAnyPeer>Y</TrustAnyPeer>
   </SSL>|
   .
   .
</Listener>

NOTE:  Copy the Java keystore and trust store to the locations specified in the configuration file. In the example, the jobmanger.keystore also contains the CAs.