|
Oracle® Application Server Quick Administration Guide
10g Release 2 (10.1.2) Part No. B14126-01 |
|
 Previous |
 Next |
|
Oracle® Application Server Quick Administration Guide
10g Release 2 (10.1.2) Part No. B14126-01 |
|
|
Previous |
Next |
This chapter describes how to change Oracle HTTP Server port numbers. It contains the following topics:
This section describes how to change port numbers in Middle Tier instances and update any other affected components. It contains the procedure to change the Oracle HTTP Server Listen Port (SSL or Non-SSL).
When you change the Oracle HTTP Server Listen directive, there are often dependencies that must also be set. For example, if you are using OracleAS Web Cache to improve the performance of your Oracle Application Server instance, then you must modify the OracleAS Web Cache origin server settings whenever you modify the Oracle HTTP Server Listen ports.
To be sure the port dependencies are modified correctly, you can use a single Java command to change the Oracle HTTP Server Listen port. The Java command automatically modifies the necessary configuration files within the Oracle home and optionally restarts the required components within the Oracle home.
The following sections describe how to define the portconfig command and then use it to modify the Oracle HTTP Server Listen SSL or non-SSL port:
Enabling Oracle HTTP Server to Run as Root for Ports Set to Less Than 1024 on UNIX Systems
Using the portconfig Command to Change the Oracle HTTP Server Listen Port (SSL or Non-SSL)
Perform this step before you change the Oracle HTTP Server Listen port if you are on a UNIX system and you are changing the Listen port to a number less than 1024.
By default, Oracle HTTP Server runs as a non-root user (the user that installed Oracle Application Server). On UNIX systems, if you change the Oracle Application Server SSL listen port number to a value less than 1024, then you must enable Oracle Application Server to run as root, as follows:
Log in as root.
Run the following commands in the Middle Tier Oracle home:
cd ORACLE_HOME/Apache/Apache/bin
chown root .apachectl
chmod 6750 .apachectl
Use the following procedure to change the Oracle HTTP Server SSL or non-SSL port:
Set the ORACLE_HOME environment variable to the home directory of the Oracle Application Server instance where the Oracle HTTP Server resides.
For example:
setenv ORACLE_HOME /dev0/private/oracle/appserv1/ (UNIX) set ORACLE_HOME=D:\oracle\appserv1\ (Windows)
On UNIX systems, set the LD_LIBRARY_PATH environment variable to $ORACLE_HOME/lib32 and the LD_LIBRARY_PATH_64 environment variable to $ORACLE_HOME/lib.
Create an alias (on UNIX systems) or a DOSKEY macro (on Windows systems) to represent the portconfig command.
For example, to execute the command as an alias on UNIX systems, enter the following command:
alias portconfig '$ORACLE_HOME/jdk/bin/java -cp $ORACLE_HOME/sysman/webapps/emd/WEB-INF/lib/emd.jar: $ORACLE_HOME/dcm/lib/dcm.jar: $ORACLE_HOME/sso/bin/ssoreg.sh oracle.sysman.ias.sta.tools.PortConfigCmdLine \!*'
Similarly, to execute the command as DOSKEY macro on Windows systems, enter the following at the DOS command line:
doskey portconfig=%ORACLE_HOME%\jdk\bin\java -cp %ORACLE_HOME%/sysman/webapps/emd/WEB-INF/lib/emd.jar; %ORACLE_HOME%/dcm/lib/dcm.jar; %ORACLE_HOME%/sso/bin/ssoreg.bat oracle.sysman.ias.sta.tools.PortConfigCmdLine $*
Use the newly created portconfig command as follows:
portconfig -oracleHome ORACLE_HOME -oldPort old_port -newPort new_port [-sso -url http://sso_host:port -user http_server_admin_user [-site name_of_sso_partner_application] [-admin mod_osso_admin_user] [-vHost path_to_mod_osso_configuration_file]] [-webCache] {-start | -restart}
For example, on UNIX systems:
portconfig -oracleHome $ORACLE_HOME -oldPort 7777 -newPort 7778 -webCache
For example, on Windows systems:
portconfig -oracleHome %ORACLE_HOME% -oldPort 7777 -newPort 7778 -webCache
Table 4-1 describes the arguments available when you use the portconfig command to automatically change the Oracle HTTP Server Listen port.
Table 4-1 Arguments for the portconfig Command
| Argument | Description |
|---|---|
-oracleHome
|
The Oracle home of the Oracle Application Server instance. The portconfig command modifies only components that are part of the selected Oracle home. You can use an environment variable to represent the Oracle home.
|
-oldPort
|
The old (current) value of the Oracle HTTP Server Listen port. |
-newPort
|
The new value for the Oracle HTTP Server Listen port. |
-webCache
|
Use this optional argument if you are using OracleAS Web Cache to improve the performance and reliability of your Web server. When this argument is included on the command line, the dependent OracleAS Web Cache port assignment will be changed automatically.
Specifically, the port number of the origin server will updated automatically so it points to the new Oracle HTTP Server Listen port. Note: The |
-start
|
When you use this optional argument, the portconfig command performs the configuration changes, and then stops and starts the application server instance. The Oracle Application Server instance must be stopped and started—or restarted—before the port changes will take effect.
Note that during startup, all enabled components of the application server are started, even those that were originally down before you ran the Compare with the |
-restart
|
When you use this optional argument, the portconfig command performs the configuration changes, and then restarts the application server instance. The Oracle Application Server instance must be restarted—or stopped and started—before the port changes will take effect.
With this option, only already running components are restarted after the configuration changes are complete. Components that were down before you ran the Compare with the |
-debug
|
Use this optional argument if you want to display debugging information as the command executes. This argument can be useful if you are troubleshooting a problem or working with Oracle Support. |
-sso
|
Use this optional argument when the Listen port you are changing is protected by OracleAS Single Sign-On.
When you use this argument, the When you use the For more information about registering mod_osso, refer to Configuring and Administering Partner Applications in the Oracle Application Server Single Sign-On Administrator's Guide. |
-url
|
This argument is required when you use the -sso argument.
Use this argument to provide the new Oracle HTTP Server URL, which is also used by OracleAS Single Sign-On and uses the new Listen port. For example: http://sso42.acme.com:7778 This URL is passed as the |
-user
|
This argument is required when you use the -sso argument.
Use this argument to enter the name of the account that is used to start Oracle HTTP Server. On UNIX systems, this is usually The value provided with this argument is passed as the |
-site
|
This argument is optional, however, it can be used only when you also use the -sso argument.
Use this argument to enter the site name of OracleAS Single Sign-On partner application. The site name is displayed by the OracleAS Single Sign-On administration pages. The value of this argument is passed as the |
-admin
|
This argument is optional, however, it can be used only when you also use the -sso argument.
Use this argument to enter the account name of the |
-vHost
|
This argument is optional, however, it can be used only when you also use the -sso argument.
Use this argument to enter the path to the $ORACLE_HOME/Apache/Apache/conf/osso/vh_name/osso.conf
Use this argument only when you are registering an HTTP virtual host with the OracleAS Single Sign-On server. The value of this argument is passed as the |
Restart the application server instance:
(UNIX) ORACLE_HOME/bin/emctl stop iasconsole ORACLE_HOME/opmn/bin/opmnctl stopall ORACLE_HOME/opmn/bin/opmnctl startall ORACLE_HOME/bin/emctl start iasconsole (Windows) ORACLE_HOME\bin\emctl stop iasconsole ORACLE_HOME\opmn\bin\opmnctl stopall ORACLE_HOME\opmn\bin\opmnctl startall ORACLE_HOME\bin\emctl start iasconsole
Changing infrastructure ports is relevant only for Oracle Identity Management installations.
This section describes how to change the Oracle HTTP Server listen port on Oracle Identity Management installation. When you change this port number, you also effectively change the Single Sign-On (SSO) port number. This means you must update any Middle Tier instances that use the Single Sign-On port.
Step 1: Prepare the Middle Tier Instances
On each Middle Tier instance that uses Oracle Identity Management, stop the Middle Tier instance as follows:
On the Application Server home page of the Application Server Control Console, click Stop All.
Leave the Application Server Control Console running.
It is important that you leave the Application Server Control Console running in each of the Middle Tier instances while you perform this procedure.
Step 2: Prepare the Infrastructure Instances
Ensure that Oracle Identity Management and its associated OracleAS Metadata Repository are up and running on the infrastructure whose port number you are changing.
If any Middle Tier instances use different Metadata Repositories for their product metadata and DCM repositories, then ensure that those are up. In short, ensure all Metadata Repositories in your environment are up.
Step 3: Modify the Oracle HTTP Server Listen and Port Directives
To change both the non-SSL Listen and Port directives to the new port number, perform the following steps:
Navigate to the Application Server home page and click Ports.
On the Ports Page, locate the Oracle HTTP Server Listen port and click the icon in the Configure column.
On the Server Properties Page:
Enter the new port number in the Default Port field. This is for the Port directive.
Enter the new port number in the Listening Port column. This is for the Listen directive. There may be more than one listening port listed. The only way to tell which is the non-SSL listen port is to choose the one with the old non-SSL listen port value.
At the bottom of the page, click Apply.
On the Confirmation Page, click No, you would not like to restart now.
|
Note: You can manually update the port numbers in thehttpd.conf file. Update the non-SSL listen and port directives that is not enclosed in an SSL virtual host container with the same new port number. Save the file, and then run the following command:
dcmctl updateConfig -ct ohs
|
To change both the SSL Listen and SSL Port directives to the new port number, perform the following steps:
Edit the following file:
(UNIX) ORACLE_HOME/Apache/Apache/conf/ssl.conf (Windows) ORACLE_HOME\Apache\Apache\conf\ssl.conf
Update the SSL Listen and SSL Port directives with the new port number. The value for Listen and Port must be the same port number.
Save and close the file.
Run the following command:
dcmctl updateConfig -ct ohs
Step 4: Enable Oracle HTTP Server to Run as Root for Ports < 1024 on UNIX
By default, Oracle HTTP Server runs as a non-root user (the user that installed Oracle Application Server). On UNIX systems, if you change the Oracle Application Server non-SSL listen port number to a value less than 1024, then you must enable Oracle HTTP Server to run as root, as follows:
Log in as root.
Run the following commands in the Middle Tier Oracle home:
cd ORACLE_HOME/Apache/Apache/bin
chown root .apachectl
chmod 6750 .apachectl
Step 5: Update the Application Server Control Console
Update the Application Server Control Console with the new port number:
Edit the following file:
(UNIX) ORACLE_HOME/sysman/emd/targets.xml (Windows) ORACLE_HOME\sysman\emd\targets.xml
Update each occurrence of the old Oracle HTTP Server listen port number with the new port number.
Save and close the file.
Reload the Application Server Control Console:
emctl reload
Step 6: Update Single Sign-On
If SSO is configured to use the non-SSL Oracle HTTP Server listen port in the installation where you are changing the port, then ensure that the LD_LIBRARY_PATH and LD_LIBRARY_PATH_64 environment variables contains $ORACLE_HOME/lib (for UNIX only).
If SSO is configured to use the SSL Oracle HTTP Server listen port in the installation where you are changing the port, then run the following command in the SSO Oracle home:
(UNIX) ORACLE_HOME/sso/bin/ssocfg.sh https hostname new_port_number (Windows) ORACLE_HOME\sso\bin\ssocfg.bat https hostname new_port_number
where:
hostname is the host on which SSO is running and new_port_number is the new SSL Oracle HTTP Server listen port number.
To reregister mod-osso, perform the following steps:
(UNIX only) Ensure the LD_LIBRARY_PATH and LD_LIBRARY_PATH_64 environment variables are set.
(Windows only) Set PATH=%PATH%,$ORACLE_HOME%\bin,%ORACLE_HOME%\lib.
If you are changing the non-SSL listen port, then reregister mod_osso to take care of the default partner applications by running the following command in Oracle Identity Management Oracle home (invert the slashes for Windows):
ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoreg.jar -oracle_home_path middle_tier_oracle_home -site_name middle_tier_hostname:new_http_port_number -config_mod_osso TRUE -mod_osso_url mod_osso_url -u user
|
Note: user is the user that starts Oracle HTTP Server. By default, this is the user that installed Oracle Application Server. If you have changed the Oracle HTTP Server listen port number to a value < 1024, then this user is root.
|
For example, to change the Oracle HTTP Server listen port to 7779 on host myhost:
ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoreg.jar
-oracle_home_path /disk1/oracleas
-site_name myhost:7779
-config_mod_osso TRUE
-mod_osso_url http://myhost.mydomain:7779
-u oracle
If you are changing the SSL listen port, then reregister mod_osso to take care of the default partner applications by running the following command in Oracle Identity Management Oracle home (invert the slashes for Windows):
ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoreg.jar -oracle_home_path middle_tier_oracle_home -site_name middle_tier_hostname:new_https_port_number -config_mod_osso TRUE -mod_osso_url mod_osso_url -virtualhost -u user
|
Note: user is the user that starts Oracle HTTP Server. By default, this is the user that installed Oracle Application Server. If you have changed the Oracle HTTP Server listen port number to a value < 1024, then this user is root.
|
For example, to change the Oracle HTTP Server listen port to 4445 on host myhost:
ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoreg.jar
-oracle_home_path /disk1/oracleas
-site_name myhost:4445
-config_mod_osso TRUE
-mod_osso_url https://myhost.mydomain:4445
-virtualhost -u oracle
Reregister any additional partner applications that you configured or modified.
|
See Also: Oracle Application Server Single Sign-On Administrator's Guide for more information about registeringmod_osso
|
If you have DAS configured, and DAS uses the SSL and non-SSL port numbers, then follow these steps to update the DAS URL entry in Oracle Internet Directory.
|
Note: You can find out what port DAS uses with the following command:ldapsearch -h oid_host -p oid_port -D "cn=orcladmin" -w "password" -b "cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext" -s base "objectclass=*" orcldasurlbase |
Create a file named mod.ldif with the following contents (you can create the file in any directory):
dn:cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext changetype:modify replace:orcldasurlbase orcldasurlbase:http://hostname:new_http_port_number/
Note the slash at the end of the orcldasurlbase URL.
Run the following command:
ldapmodify -D cn=orcladmin -w password -p oid_port -f mod.ldif
Step 9: Update Oracle Application Server Certificate Authority
If you are using OracleAS Certificate Authority:
Reregister OracleAS Certificate Authority with the OracleAS Single Sign-On server by running the following command in the OracleAS Certificate Authority Oracle home:
ocactl changesecurity -server_auth_port port_number
where port_number is the OCA Server Authentication Virtual Host (SSL) port. The default value is 4400.
If OracleAS Certificate Authority is located in a different Oracle home than the OracleAS Single Sign-On server, then restart Oracle HTTP Server and the oca instance in the OracleAS Certificate Authority Oracle home:
opmnctl stopproc ias-component=HTTP_Server opmnctl stopproc process-type=oca opmnctl startproc ias-component=HTTP_Server opmnctl startproc process-type=oca
Step 10: Restart the Identity Management Instance
Restart the Identity Management instance:
emctl stop iasconsole opmnctl stopall opmnctl startall emctl start iasconsole
Step 11: Restart OracleAS Certificate Authority
If OracleAS Certificate Authority is configured in this instance, then restart it:
ocactl start
Step 12: Update the Middle Tier Instances to Use the New Port Number
After you change the Oracle HTTP Server non-SSL port on the Identity Management installation, you must update all middle-tier instances to use the new port number.
Update each middle-tier instance using the Change Identity Management wizard in the Application Server Control Console.
On each middle-tier instance that uses Identity Management:
Using the Application Server Control Console, navigate to the Application Server home page for the Middle Tier instance.
Click the Infrastructure link.
On the Infrastructure Page, in the Identity Management section, click Change.
Follow the steps in the wizard.
When the wizard is finished, navigate to the Application Server Home Page and start the Middle Tier instance by clicking Start All.
Refresh the Oracle Internet Directory cache in your applications:
Log in to the Portal.
Click the global settings link.
Click the SSO/OID tab.
Check the refresh Oracle Internet Directory cache settings and click Apply.
