25 Managing SSL

This section contains the typical SSL management tasks you can perform with Oracle CEP Visualizer, including:

For more information, see Section 20.3, "SSL Management".

25.1 Viewign SSL Configuration

You can view Oracle CEP server SSL configuration using the Oracle CEP Visualizer.

25.1.1 How to View the SSL Configuration for an Oracle CEP Server

Using Oracle CEP Visualizer, you can view the SSL configuration for an Oracle CEP server.

To view the SSL configuration for an Oracle CEP server:

  1. In the left pane, click the Domain > Server node, where Domain refers to the name of your Oracle CEP domain and Server refers to the name of the server instance.

  2. In the right pane, click the SSL tab.

  3. In the left table, click the SSL configuration you want to view as Figure 25-1 shows.

    Figure 25-1 SSL Tab

    Description of Figure 25-1 follows
    Description of "Figure 25-1 SSL Tab"

    The default configuration name is sslConfig.

  4. View the SSL configuration options the right table displays.

    Table 25-1 lists the SSL configuration options.

    Table 25-1 SSL Options

    Option Description

    Name

    The name of the selected SSL configuration.

    Key Store

    The file path and name of the key store certificate file contains a self-signed certificate.

    The file path is relative to the ORACLE_CEP_HOME/user_projects/domains/DOMAIN_DIR/servername directory, where ORACLE_CEP_HOME refers to the Oracle CEP installation directory (such as d:/oracle_cep), DOMAIN_DIR refers to the domain directory (such as my_domain), and servername refers to the server instance directory (such as server1).

    Key Store Pass

    The key store password.

    Key Store Alias

    The key store alias.

    Key Store Type

    The key store type.

    Key Manager Algorithm

    The key manager algorithm.

    SSL Protocol

    The SSL protocol.

    Trust Store

    The file path and name of the key store certificate file contains a self-signed certificate.

    The file path is relative to the ORACLE_CEP_HOME/user_projects/domains/DOMAIN_DIR/servername directory, where ORACLE_CEP_HOME refers to the Oracle CEP installation directory (such as d:/oracle_cep), DOMAIN_DIR refers to the domain directory (such as my_domain), and servername refers to the server instance directory (such as server1).

    Trust Store Pass

    The trust store password.

    Trust Store Alias

    The trust store alias.

    Trust Store Type

    The trust store type.

    Trust Manager Algorithm

    The trust store algorithm.

    Enforce Fips

    Whether or not Oracle CEP server uses a Federal Information Processing Standards (FIPS)-certified pseudo-random number generator for SSL.

    For more information, see "FIPS" in Oracle Complex Event Processing Administrator's Guide.

    Need Client Auth

    Whether or not Oracle CEP server uses client authentication.

    Secure Random Algorithm

    The FIPS secure random algorithm, such as FIPS186PRNG.

    Secure Random Provider

    The FIPS secure random provider, such as com.rsa.jsafe.provider.JsafeJCE.

    Cipher

    The SSL ciphers.

25.2 Editing SSL Configuration

You can only view the SSL configuration of your Oracle CEP server using Oracle CEP Visualizer. To change the configuration, you must manually update the server's config.xml file.

For more information, see "Configuring SSL to Secure Network Traffic" in the Oracle Complex Event Processing Administrator's Guide.