Oracle® Collaboration Suite SSL Configuration Release 2 (9.0.4) Part Number B15611-01 |
|
|
View PDF |
Before you begin configuring the Oracle Collaboration Suite components for SSL, you must have a valid, working installation of Oracle Collaboration Suite. For detailed instructions, refer to Oracle Collaboration Suite Installation and Configuration Guide specific to your platform. This chapter provides information to help you confirm that your Oracle Collaboration Suite installation is installed correctly before you begin the SSL configurations.
Special Considerations for a Single-Box Installation
The challenge with enabling SSL on a single-box installation is that both the Infrastructure Tier and the Middle Tier have Oracle HTTP Server processes that need to share ports. This prevents you from using the standard HTTP and HTTPS ports (80 and 443) for accepting incoming requests from the browser. One way to work around this port conflict is to set up Web Cache as a reverse proxy to listen for incoming requests on the standard ports, preferably in the DMZ. Web Cache listens on ports 80 and 443 and translates the requests to the listening ports of the Infrastructure and Middle Tier components.
Note: In a single-box installation, Web Cache is disabled on the Middle Tier in the example described in this document. Any references to Web Cache in a single-box installation are actually references to the Web Cache reverse proxy. |
This chapter contains the following topics:
The following naming conventions are used in this document to represent information that is specific to your environment:
midtierhostname
represents the fully qualified host name of your Middle Tier computer, for example, myhost.company.com
. In a single-box installation, you must use the Web Cache host name, which may or may not be the same as the Middle Tier host name.
infratierhostname
represents the fully qualified host name of your Infrastructure tier server, for example, myhost.company.com
. In a single-box installation, you must use the IP address of the Infrastructure server instead of the host name to differentiate it from the Middle Tier installation.
$ORACLE_HOME
is the location where your Oracle Collaboration Suite installation resides on either the Infrastructure or Middle Tier.
webcachehostname
represents the host name of your Web Cache reverse proxy server. For a single-box installation, all requests to webcachehostname
will be forwarded to the Middle Tier applications.
webcacheipaddress
represents the IP address of your Web Cache reverse proxy server. The IP address should resolve to the webcachehostname
when using nslookup
. This will only be used in a single-box installation where all requests to webcacheipaddress
will be forwarded to the Infrastructure (Oracle9iAS Single Sign-On).
The requirements described in this section assume that your Oracle Collaboration Suite installation meets the following system requirements:
Oracle Collaboration Suite release 9.0.4.1 or 9.0.4.2.
Update your PATH
environment variable to include the $ORACLE_HOME
/bin
directory and $ORACLE_HOME
/opmn/bin
directory. You should update your PATH
on both the Infrastructure and Middle Tier.
If you have installed all the Oracle Collaboration Suite components on a single box, then the following system requirements apply to your environment:
Single-box installation (Infrastructure tier, Middle Tier, and data store all on the same server.)
Web Cache (reverse proxy) running in the DMZ (or on the Middle Tier).
Middle Tier listens on HTTP port 7778 and HTTPS port 4444.
Infrastructure tier listens on HTTP port 7777 and HTTPS port 4443.
Web Cache (reverse proxy) listens on the standard HTTP port 80 and HTTPS port 443.
Oracle Internet Directory listens on the LDAP port 389.
If you have installed the Oracle Collaboration Suite components on multiple boxes (Middle Tier on one server and Infrastructure tier on a different server), the following system requirements apply to your environment:
Multiple box installation (Infrastructure tier and Middle Tier on different servers)
Web Cache listens on HTTP port 80 and HTTPS port 443 on midtierhostname
Middle Tier Oracle HTTP Server listens on HTTP port 7778 and HTTPS port 4444
Infrastructure tier Oracle HTTP Server listens on HTTP port 80 and HTTPS port 443
Oracle Internet Directory listens on the LDAP port 389 on infratierhostname
Before you begin configuring your Oracle Collaboration Suite installation for SSL, you must first ensure that you have a valid, working installation. It is important that you complete the original installation process without errors. Otherwise, you may not be able to complete the reregistration process necessary for SSL. This section provides some instructions for testing your current Oracle Collaboration Suite installation before beginning the SSL configurations.
Note: If you are not sure about the ports that were assigned at installation time, then you will find the port assignments for your initial installation in:
|
To validate your Oracle Collaboration Suite installation, run the following tests:
Verify that you can log in to Oracle9iAS Single Sign-On Server Administration as the orcladmin
user at the following URL:
http://
infratierhostname:port
/pls/orasso
Verify that you can log in to Oracle Internet Directory Delegated Administration Services (OIDDAS) as the orcladmin
user at the following URL:
http://
infratierhostname:port
/oiddas
Ensure that you are able to add a new user and log out.
Verify that you can access all configured Oracle Collaboration Suite applications that require Oracle9iAS Single Sign-On at the following URLs:
Oracle Email URL = http://
midtierhostname:port
/um/traffic_cop
Oracle9iAS Portal URL = http://
midtierhostname:port
/pls/portal
Oracle Calendar URL = http://
midtierhostname:port
/ocas-bin/ocas.fcgi?sub=web
Oracle Files URL = http://
midtierhostname:port
/files/app
Oracle Web Conferencing URL = http://
midtierhostname:port
/imtapp/app/home.uix
Oracle Ultra Search URL = http://
midtierhostname:port
/files/app/FederatedSearch
The Distributed Configuration Management (DCM) utility, dcmctl
, provides a command-line alternative to using Oracle Enterprise Manager. Ensure that you can run the dcmctl updateConfig
command. Before running dcmctl
you must first shut down Oracle Enterprise Manager (emctl
). Run the following commands:
$ORACLE_HOME/bin/emctl stop $ORACLE_HOME/dcm/bin/dcmctl updateConfig -v -d
Correct any problems with your installation before proceeding. After you have confirmed that there are no errors, shut down everything and perform a cold backup.
See Also: For information about troubleshooting your installation, refer to Oracle Collaboration Suite Installation and Configuration Guide |