4 Managing Ports

This chapter describes how to view and change Oracle Application Server port numbers. It contains the following topics:

• About Managing Ports

• Viewing Port Numbers

• Changing Middle-Tier Ports

• Changing 10.1.4 or 10.1.2 Infrastructure Ports

4.1 About Managing Ports

Many Oracle Application Server components and services use ports. As an administrator, it is important to know the port numbers used by these services, and to ensure that the same port number is not used by two services on your host.

Most port numbers are assigned during installation. Every component and service has an allotted port range, which is the set of port numbers that Oracle Application Server attempts to use when assigning a port. Oracle Application Server starts with the lowest number in the range and performs the following checks:

• Is the port used by another Oracle Application Server installation on the host?

  The installation may be up or down at the time; Oracle Application Server can still detect if the port is used.

• Is the port used by a process that is currently running?

  This could be any process on the host, even a non-Oracle Application Server process.

If the answer to any of the preceding questions is yes, Oracle Application Server moves to the next highest port in the allotted port range and continues checking until it finds a free port.

You can override this behavior for some ports, and specify a port number assignment during installation. To do this, you edit a template file called staticports.ini, and launch Oracle Universal Installer with special options.

See Also:

Appendix D for a complete list of allotted port ranges. Refer to Oracle Application Server Installation Guide for directions on overriding port assignments during installation with staticports.ini.

4.2 Viewing Port Numbers

You can view the current port numbers by using the following command:

(UNIX) ORACLE_HOME/opmn/bin/opmnctl status -l
(Windows) ORACLE_HOME\opmn\bin\opmnctl status -l

You can also view the port numbers using Application Server Control Console. From the Cluster Topology page, select Runtime Ports.

4.3 Changing Middle-Tier Ports

This section provides complete instructions for changing port numbers in middle-tier instances. The instructions explain how to change the port number, and update any other components that might be affected.

Note:

You can change a port number to any number you want, as long as it is an unused port. You do not have to use a port in the allotted port range for the component. See Appendix D for information on allowed port ranges.

This section contains the following topics:

• Changing the OC4J Listener Port

• Changing Other OC4J Ports

• Changing the Oracle HTTP Server Listen Ports

• Changing the Oracle HTTP Server Diagnostic Port

• Changing the Java Object Cache Port

• Changing OPMN Ports (ONS Local, Request, and Remote)

• Changing the Port Tunneling Port

4.3.1 Changing the OC4J Listener Port

If you selected Oracle WebCenter Framework installation option, no Oracle HTTP Server was installed, but OC4J provides an HTTP listener. You can change OC4J listener using the Application Server Control Console or manual steps:

• Using the Application Server Control Console:

  1. If Java SSO is enabled for Application Server Control Console, disable it:

     From the Cluster Topology page, click Java SSO Configuration. Then, on the Java SSO Configuration page, click Participating Applications. On the Participating Applications page, make sure ascontrol is not checked. Click Apply.

  2. From the Cluster Topology page, click Runtime Ports.

  3. Click the Configure Port icon for the HTTP port of the OC4J instance (by default home.)

  4. In the Ports section of the Server Properties page, locate the Web Sites table. In the table, change the port for default-web-site.

  5. Click Apply.

  6. Restart the OC4J instance:

     (UNIX) ORACLE_HOME/opmn/bin/opmnctl startproc process-type=OC4J_instance
     (Windows) ORACLE_HOME\opmn\bin\opmnctl startproc process-type=OC4J_instance
     
     

• Using manual steps:

  1. Execute the following command. For example, if the OC4J default instance is named home:

     (UNIX) ORACLE_HOME/opmn/bin/opmnctl config port update  ias-component=default_group process-type=home range=8888  portid=default-web-site
     (Windows) ORACLE_HOME\opmn\bin\opmnctl config port update ias-component=default_group process-type=home range=8888  portid=default-web-site
     
     

  2. Reload OPMN:

     (UNIX) ORACLE_HOME/opmn/bin/opmnctl reload
     (Windows) ORACLE_HOME\opmn\bin\opmnctl reload
     
     

  3. Start the OC4J instance that contains the port number you changed:

     (UNIX) ORACLE_HOME/opmn/bin/opmnctl startproc process-type=OC4J_instance
     (Windows) ORACLE_HOME\opmn\bin\opmnctl startproc process-type=OC4J_instance
     
     

     For example, if you changed a port number in the home instance on UNIX:

     ORACLE_HOME/opmn/bin/opmnctl startproc process-type=home
     

4.3.2 Changing Other OC4J Ports

This section describes how to change the following OC4J port numbers:

• AJP

• JMS

• RMI

• RMIS

• IIOP

• IIOPS1 (Server only)

• IIOPS2 (Server and client)

By default, Oracle Application Server does not use a single port number for each type of OC4J port. Instead, it uses a port range for each type of OC4J port and that range is the same for all OC4J instances on the host. During runtime, each OC4J instance on the host is assigned a single free port from the range. For example, if the default AJP range for every OC4J instance on a host is 12501-12600, then each OC4J instance is assigned a single free port from that range for its AJP port.

When changing an OC4J port number, you typically specify a new port range. The range may be a simple port range (12501-12600), a comma separated list of ports (12501, 12504, 12507), or a combination of both (12501-12580, 12583, 12590-12600). By default, the ranges contain 100 ports. If you specify a range that is too narrow, you may encounter problems when starting OC4J instances. The AJP and RMI port ranges are required; the others are optional.

Note:

Note that because the IIOP, IIOPS1, and IIOPS2 ports are not configured by default, they may not be listed in the opmn.xml file. To configure them, you must manually add them to the file.

See the Oracle Containers for J2EE Services Guide for more information.

You can change OC4J port ranges using the Application Server Control Console or manual steps:

• Using the Application Server Control Console:

  1. From the Cluster Topology page, click Runtime Ports.

  2. Click the Configure Port icon for the port you want to change.

  3. In the Ports section of the Server Properties page, change the port range for the port you want to change.

  4. Click Apply.

  5. Navigate to the Cluster Topology page, select the OC4J instance that you modified, and click Restart.

  6. Click Yes on the confirmation page.

• Using manual steps:

  1. Open the opmn.xml file:

     (UNIX) ORACLE_HOME/opmn/conf/opmn.xml
     (Windows) ORACLE_HOME\opmn\conf\opmn.xml
     
     

  2. Locate the element for the OC4J instance that contains the port range you want to change. For example, if you want to change a port range for the home instance, locate this element:

     <process-type id="home" ...>
     
     

  3. Within the OC4J instance element, there is a port element for each type of port. For example, if you installed an instance using the Basic Installation option:

     <port id="default-web-site" range="8888" protocol="http"/>
     <port id="rmi" range="12401-12500"/>
     <port id="rmis" range="12701-12800"/>
     <port id="jms" range="12601-12700"/>
     <port id="iiop" range="13301-13400"/>
     <port id="iiops1" range="13401-13500"/>
     <port id="iiops2" range="13501-13600"/>
     
     

  4. Modify the range parameter for the port you want to change, and then save the file.

  5. Reload OPMN:

     (UNIX) ORACLE_HOME/opmn/bin/opmnctl reload
     (Windows) ORACLE_HOME\opmn\bin\opmnctl reload
     
     

  6. Start the OC4J instance that contains the port number you changed:

     (UNIX) ORACLE_HOME/opmn/bin/opmnctl startproc process-type=OC4J_instance
     (Windows) ORACLE_HOME\opmn\bin\opmnctl startproc process-type=OC4J_instance
     
     

     For example, if you changed a port number in the home instance on UNIX:

     ORACLE_HOME/opmn/bin/opmnctl startproc process-type=home
     

4.3.3 Changing the Oracle HTTP Server Listen Ports

To change the Oracle HTTP Server Listen ports (non-SSL or SSL), you change the Oracle HTTP Server Listen directive. When you do this, there are often dependencies that must also be set. For example, if you are using OracleAS Web Cache Release 2 (10.1.2) to improve the performance of your Oracle Application Server instance, you must modify the OracleAS Web Cache origin server settings whenever you modify the Oracle HTTP Server Listen ports.

The following topics describe how to modify the Oracle HTTP Server HTTP or HTTPS Listen port:

• Enabling Oracle HTTP Server to Run as Root for Ports Set to Less Than 1024 (Unix Only)

• Changing the Oracle HTTP Server Non-SSL Listen Ports

• Changing the Oracle HTTP Server SSL Listen Port

4.3.3.1 Enabling Oracle HTTP Server to Run as Root for Ports Set to Less Than 1024 (Unix Only)

On a UNIX system, if you are changing the Listen port to a number less than 1024, perform these steps before you change the Oracle HTTP Server Listen port.

By default, Oracle HTTP Server runs as a non-root user (the user that installed Oracle Application Server). On UNIX systems, if you change the Oracle HTTP Server Listen port number to a value less than 1024, you must enable Oracle HTTP Server to run as root, as follows:

1. Log in as root.

2. Run the following commands in the middle-tier Oracle home:

   cd ORACLE_HOME/Apache/Apache/bin
   chown root .apachectl
   chmod 6750 .apachectl
   

4.3.3.2 Changing the Oracle HTTP Server Non-SSL Listen Ports

To change the Oracle HTTP Server non-SSL (HTTP) Listen port, follow the procedures in the following tasks. Note that, on a UNIX system, if you are changing the Listen port to a number less than 1024, you must first perform the steps in Section 4.3.3.1.

• Task 1: Modify the Oracle HTTP Server HTTP Listen Directive

• Task 2: Update OracleAS Web Cache

• Task 3: Change the Port Number in Oracle Content DB

• Task 4: Restart the Middle-Tier Instance

Task 1: Modify the Oracle HTTP Server HTTP Listen Directive

To change the Oracle HTTP Server HTTP Listen directive, take the following steps:

1. Open the httpd.conf file:

   (UNIX) ORACLE_HOME/Apache/Apache/conf/httpd.conf
   (Windows) ORACLE_HOME\Apache\Apache\conf\httpd.conf
   
   

2. Update the Listen directive with the new port number.

   There may be multiple Listen directives in this file. Modify the Listen directive that is not enclosed in an SSL virtual host container. The easiest way to locate the proper Listen directive is to search the file for the old port number.

3. If the middle-tier instance is not using OracleAS Web Cache as a reverse proxy, update the Port directive.

   The value for Listen and Port must be the same port number. The following example changes the Listen port to 7779:

   Listen 7779
   Port 7779
   
   

   If the middle-tier instance is using OracleAS Web Cache as a reverse proxy, do not update the Port directive.

Task 2: Update OracleAS Web Cache

If the middle-tier instance is using Release 2 (10.1.2) OracleAS Web Cache as a reverse proxy, you must update OracleAS Web Cache.

For example, for a Release 2 (10.1.2) OracleAS Web Cache standalone instance, take the following steps:

1. From OracleAS Web Cache Manager for the Release 2 (10.1.2) instance, select Origin Servers, Sites, and Load Balancing > Origin Servers.

2. Select the HTTP port and click Edit Selected.

3. In the Edit Application Web Server dialog box, change the number in the Port field.

4. Click Submit.

5. Click Apply Changes.

6. Click Restart.

Task 3: Change the Port Number in Oracle Content DB

If your environment includes Oracle Content DB, you must change the Oracle Content DB Application Port domain property and restart the OC4J_Content instance. See the section "Changing the Oracle Content DB Port Number" in the Oracle Content Database for Oracle WebCenter Suite Administrator's Guide for the specific steps.

Task 4: Restart the Middle-Tier Instance

Restart the application server instance:

• On UNIX systems:

  ORACLE_HOME/opmn/bin/opmnctl stopall
  ORACLE_HOME/opmn/bin/opmnctl startall
  
  

• On Windows systems:

  ORACLE_HOME\opmn\bin\opmnctl stopall
  ORACLE_HOME\opmn\bin\opmnctl startall
  

4.3.3.3 Changing the Oracle HTTP Server SSL Listen Port

To change the Oracle HTTP Server SSL (HTTPS) Listen port, follow the procedures in the following tasks. Note that, on a UNIX system, if you are changing the Listen port to a number less than 1024, you must perform the steps in Section 4.3.3.1.

• Task 1: Modify the Oracle HTTP Server Listen Directive

• Task 2: Update OracleAS Web Cache

• Task 3: Re-register mod_osso

• Task 4: Change the Port Number in Oracle Content DB

• Task 5: Restart the Middle-Tier Instance

Task 1: Modify the Oracle HTTP Server Listen Directive

If you are changing the HTTPS port, change both the SSL Listen and Port directives to the new port number in the Oracle HTTP Server ssl.conf file, using the following steps:

1. Edit the ssl.conf file, located at:

   (UNIX) ORACLE_HOME/Apache/Apache/conf
   (Windows) ORACLE_HOME\Apache\Apache\conf
   
   

2. Update the SSL Listen and SSL Port directives, and the VirtualHost _default directive with the new port number, and then save the file.

   The value for Listen, Port, and VirtualHost _default must be the same port number. The following example shows the directives changed to port 4445:

   Listen 4445
   Port 4445
   <VirtualHost _default_:4445>
   
   

   Save and close the file.

3. Restart the middle-tier instance:

   • On UNIX systems:

     ORACLE_HOME/opmn/bin/opmnctl stopall
     ORACLE_HOME/opmn/bin/opmnctl startall
     
     

   • On Windows systems:

     ORACLE_HOME\opmn\bin\opmnctl stopall
     ORACLE_HOME\opmn\bin\opmnctl startall
     

Task 2: Update OracleAS Web Cache

If the middle-tier instance is using Release 2 (10.1.2) OracleAS Web Cache as a reverse proxy, you must update OracleAS Web Cache. Take the following steps:

1. From OracleAS Web Cache Manager for the Release 2 (10.1.2) instance, select Origin Servers, Sites, and Load Balancing > Origin Servers.

2. Select the HTTPS port and click Edit Selected.

3. In the Edit Application Web Server dialog box, change the number in the Port field.

4. Click Submit.

5. Click Apply Changes.

6. Click Restart.

Task 3: Re-register mod_osso

If you have enabled OracleAS Single Sign-On authentication (that is, you registered mod_osso), follow these steps to re-register mod_osso:

1. On the Identity Management host, set the environment variables ORACLE_HOME and ORACLE_SID.

2. On the Identity Management host, run the ssoreg script, using the -remote_midtier option. The script is located at:

   (UNIX) ORACLE_HOME/sso/bin/ssoreg.sh
   (Windows)ORACLE_HOME\sso\bin\ssoreg.bat
   
   

   For example, on LINUX:

   $ORACLE_HOME/sso/bin/ssoreg.sh -oracle_home_path $ORACLE_HOME
    -config_mod_osso TRUE 
    -site_name myhost.com:7778  
    -remote_midtier 
    -config_file $ORACLE_HOME/Apache/Apache/conf/osso/myosso.conf 
    -mod_osso_url http://myhost.com:7778
   
   

   The resulting configuration file (myosso.conf in the example) is an obfuscated osso configuration file.

3. Copy the obfuscated osso configuration file to the 10g Release 3 (10.1.3.2.0) middle-tier instance.

4. On the middle-tier host, run the following script to complete the registration:

   (UNIX) ORACLE_HOME/Apache/Apache/bin/osso1013 config_file
   (Windows) perl ORACLE_HOME\Apache\Apache\bin\osso1013 config_file
   

Task 4: Change the Port Number in Oracle Content DB

If your environment includes Oracle Content DB, you must change the Oracle Content DB ApplicationUseHttps domain property and restart the OC4J_Content instance. See the section "Changing the Oracle Content DB Port Number" in the Oracle Content Database for Oracle WebCenter Suite Administrator's Guide for the specific steps.

Task 5: Restart the Middle-Tier Instance

Restart the application server instance:

• On UNIX systems:

  ORACLE_HOME/opmn/bin/opmnctl stopall
  ORACLE_HOME/opmn/bin/opmnctl startall
  
  

• On Windows systems:

  ORACLE_HOME\opmn\bin\opmnctl stopall
  ORACLE_HOME\opmn\bin\opmnctl startall
  

4.3.4 Changing the Oracle HTTP Server Diagnostic Port

To change the Oracle HTTP Server Diagnostics port number:

1. Open the dms.conf file:

   (UNIX) ORACLE_HOME/Apache/Apache/conf/dms.conf
   (Windows) ORACLE_HOME\Apache\Apache\conf\dms.conf
   
   

2. Change the old port number to the new port number everywhere it appears in the file, and then save the file. This update includes the Listen directive, OpmnHostPort directive, Redirect directive, and the VirtualHost.

3. Restart Oracle HTTP Server:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl stopproc ias-component=HTTP_Server
   (UNIX) ORACLE_HOME/opmn/bin/opmnctl startproc ias-component=HTTP_Server
   
   (Windows) ORACLE_HOME\opmn\bin\opmnctl stopproc ias-component=HTTP_Server
   (Windows) ORACLE_HOME\opmn\bin\opmnctl startproc ias-component=HTTP_Server 
   

4.3.5 Changing the Java Object Cache Port

To change the Java Object Cache port number in any installation type:

1. Open the javacache.xml file:

   (UNIX) ORACLE_HOME/javacache/admin/javacache.xml
   (Windows) ORACLE_HOME\javacache\admin\javacache.xml
   
   

2. Under the <communication> element, update the discovery-port parameter in the <coordinator> element with the new port number, and then save the file.

   For example:

   <coordinator discovery-port="7010" />
   
   

3. Restart all OC4J instances which contain J2EE applications that use Java Object Cache:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=OC4J_instance_name
   (Windows) ORACLE_HOME\opmn\bin\opmnctl restartproc process-type=OC4J_instance_name
   

4.3.6 Changing OPMN Ports (ONS Local, Request, and Remote)

This section describes how to change any of the following port numbers:

• ONS Local port

• ONS Request port

• ONS Remote port

To change these ports:

1. Stop the Application Server Control Console, OPMN, and all OPMN-managed processes:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall
   (Windows)ORACLE_HOME\opmn\bin\opmnctl stopall
   
   

2. Open the opmn.xml file:

   (UNIX) ORACLE_HOME/opmn/conf/opmn.xml
   (Windows) ORACLE_HOME\opmn\conf\opmn.xml
   
   

3. Under the <notification-server> element, modify the local, remote, or request parameter, depending on the port you are changing, in the <port> element, and then save the file.

   For example:

   <port local="6101" remote="6201" request="6004"/>
   
   

4. Start Application Server Control Console, OPMN, and all OPMN-managed processes:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
   (Windows) ORACLE_HOME\opmn\bin\opmnctl startall
   

4.3.7 Changing the Port Tunneling Port

To change the Port Tunneling port number:

1. Stop the Application Server Control Console, OPMN, and all OPMN-managed processes:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall
   (Windows)ORACLE_HOME\opmn\bin\opmnctl stopall
   
   

2. Open the opmn.xml file:

   (UNIX) ORACLE_HOME/opmn/conf/opmn.xml
   (Windows) ORACLE_HOME\opmn\conf\opmn.xml
   
   

3. Under the <ias-component id="IASPT"> element, update the range parameter in the <port> element with the new range. For example:

   <port id="ajp" range="7501-7553"/>
   
   

   Note that the port number range specified in opmn.xml overrides any port number specified in iaspt.conf. As a result, you only need to update the port number in opmn.xml.

4. Start Application Server Control Console, OPMN, and all OPMN-managed processes:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
   (Windows) ORACLE_HOME\opmn\bin\opmnctl startall
   

4.4 Changing 10.1.4 or 10.1.2 Infrastructure Ports

This section contains the following topics:

• Changing the 10.1.4 or 10.1.2 OracleAS Metadata Repository Net Listener Port

• Changing 10.1.4 or 10.1.2 Oracle Internet Directory Ports

• Changing the HTTP Server Port on a 10.1.4 or 10.1.2 Identity Management Installation

• Changing 10.1.4 or 10.1.2 OracleAS Certificate Authority Ports

4.4.1 Changing the 10.1.4 or 10.1.2 OracleAS Metadata Repository Net Listener Port

If your environment includes a 10.1.4 or 10.1.2 OracleAS Metadata Repository, and you want to change the listener port number, perform the procedure in this section.

First, determine if it is necessary to change the OracleAS Metadata Repository listener port number. If you are concerned about the fact that you have another database on your host using the same port, it is possible that the OracleAS Metadata Repository and the other database can use the same port.

The following are guidelines for port usage by multiple databases on the same host:

• Multiple Oracle9i and Oracle Database 10g databases can share the same Oracle Net listener port. If you install a OracleAS Metadata Repository on a host that contains Oracle9i and Oracle Database 10g databases, they can all use port 1521. There is no need to change the OracleAS Metadata Repository port number.

• If the other databases on your system are Oracle8i databases running the Net8 listener, then the OracleAS Metadata Repository must use a different port. They cannot share the same port.

Note:

If you want to run two listeners that use the same key value on one host, refer to Section 4.4.1.1, "Changing the KEY Value for an IPC Listener"

If you determine that you want to change the OracleAS Metadata Repository listener port, follow the procedure in this section. An OracleAS Metadata Repository may be used in several different ways. Use the following table to determine the steps that are required for changing your type of OracleAS Metadata Repository:

If the Metadata Repository is used as follows:	Follow these tasks to change its Oracle Net listener port:
Identity Management Repository and Product Metadata Repository Registered with Oracle Internet Directory	Task 1: Stop Middle-Tier Instances Task 2: Change the OracleAS Metadata Repository Oracle Net Listener Port Task 3: Update Oracle Internet Directory Task 4: Update OracleAS Single Sign-On Task 5: Update OracleAS Certificate Authority Task 6: Update the Application Server Control Console Task 7: Update Middle-Tier Instances
Identity Management Repository only Registered with Oracle Internet Directory	Task 1: Stop Middle-Tier Instances Task 2: Change the OracleAS Metadata Repository Oracle Net Listener Port Task 3: Update Oracle Internet Directory Task 4: Update OracleAS Single Sign-On Task 5: Update OracleAS Certificate Authority Task 6: Update the Application Server Control Console
Product Metadata Repository Registered with Oracle Internet Directory	Task 1: Stop Middle-Tier Instances Task 2: Change the OracleAS Metadata Repository Oracle Net Listener Port Task 3: Update Oracle Internet Directory Task 7: Update Middle-Tier Instances

Task 1: Stop Middle-Tier Instances

Stop all middle-tier instances that use the Metadata Repository by executing the following command in each middle-tier Oracle home:

(UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall
(Windows) ORACLE_HOME\opmn\bin\opmnctl stopall

Task 2: Change the OracleAS Metadata Repository Oracle Net Listener Port

On the OracleAS Metadata Repository host:

1. Make sure that the ORACLE_HOME and ORACLE_SID environment variables are set.

2. If OPMN is running, stop it:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall
   
   (Windows) ORACLE_HOME\opmn\bin\opmnctl stopall
   
   

3. Stop the OracleAS Metadata Repository listener:

   lsnrctl stop
   
   

4. Edit the listener.ora file, which is located at:

   (UNIX) ORACLE_HOME/network/admin/listener.ora
   
   (Windows) ORACLE_HOME\network\admin\listener.ora
   
   

   Under the LISTENER entry, update the value for PORT. Save the file.

5. Edit the tnsnames.ora file. The default location is:

   (UNIX) ORACLE_HOME/network/admin/tnsnames.ora
   
   (Windows) ORACLE_HOME\network\admin\tnsnames.ora
   
   

   Make the following changes to the file:

   1. Update the PORT value in each entry that applies to OracleAS Metadata Repository.

   2. Add an entry like the following:

      newnetport =
      
        (DESCRIPTION =
      
          (ADDRESS = (PROTOCOL = tcp) (HOST = hostname) (PORT = port)))
      
      

      In the example, hostname is the fully-qualified hostname and port is the new port number.

6. Start the OracleAS Metadata Repository listener:

   lsnrctl start
   
   

7. Using SQL*Plus, log in to the OracleAS Metadata Repository as the SYSTEM user with SYSDBA privileges and run the following command:

   SQL> ALTER SYSTEM SET local_listener='newnetport' scope=spfile;
   
   

8. Using SQL*Plus, restart OracleAS Metadata Repository:

   SQL> SHUTDOWN
   
   SQL> STARTUP
   
   

9. Start Oracle Internet Directory:

   • On UNIX systems:

     ORACLE_HOME/opmn/bin/opmnctl start
     
     ORACLE_HOME/opmn/bin/opmnctl startproc ias-component=OID
     
     

   • On Windows systems:

     ORACLE_HOME\opmn\bin/opmnctl start
     
     ORACLE_HOME\opmn\bin\opmnctl startproc ias-component=OID
     

Task 3: Update Oracle Internet Directory

On the Identity Management host, update Oracle Internet Directory with the new Oracle Net listener port number:

1. Start Oracle Directory Manager:

   • On UNIX, use the following command:

     ORACLE_HOME/bin/oidadmin
     
     

   • On Windows, navigate to Oracle Directory Manager (Start, Programs, Oracle Application Server Infrastructure - Oracle_Home, Integrated Management Tools, Oracle Directory Manager).

2. Log in to Oracle Directory Manager.

3. In the System Objects frame:

   1. Expand Entry Management.

   2. Expand cn=Oracle Context.

   3. Select the DBName for the OracleAS Metadata Repository. For example, if the DBName is the default, orcl, select cn=ORCL.

   4. On the Properties tab, update the PORT parameter in the orclnetdescstring field with the new port number.

4. Click Apply.

5. In the System Objects frame:

   1. Under cn=Oracle Context, select the DBName for the OracleAS Metadata Repository. For example, if the DBName is the default, orcl, select cn=ORCL.

   2. Expand cn=DESCRIPTION_0.

   3. Select cn=ADDRESS_0.

   4. On the Properties tab, update the PORT parameter in the orclnetaddressstring field with the new port number.

6. Click Apply.

7. Start OPMN in the Oracle Internet Directory Oracle home:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
   
   (Windows) ORACLE_HOME\opmn\bin\opmnctl startall 
   

Task 4: Update OracleAS Single Sign-On

From the OracleAS Single Sign-On Oracle home:

1. On UNIX systems, set the LD_LIBRARY_PATH, LD_LIBRARY_PATH_64, LIB_PATH, or SHLIB_PATH environment variables to the proper values, as shown in Table 1-1. The actual environment variables and values that you must set depend on the type of your UNIX operating system.

2. Update OracleAS Single Sign-On with the new repository port number by executing the following command:

   • On UNIX systems:

     $ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoca.jar reassoc -repos $ORACLE_HOME
     
     

   • On Windows systems:

     %ORACLE_HOME%\jdk\bin\java -jar %ORACLE_HOME%\sso\lib\ossoca.jar reassoc -repos %ORACLE_HOME%
     
     

3. Restart OC4J:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl restartproc ias-component=OC4J
   
   (Windows) ORACLE_HOME\opmn\bin\opmnctl restartproc ias-component=OC4J 
   

Task 5: Update OracleAS Certificate Authority

If OracleAS Certificate Authority is configured in the Identity Management installation:

1. Run the following command:

   (UNIX) ORACLE_HOME/oca/bin/ocactl updateconnection
   
   (Windows) ORACLE_HOME\oca\bin\ocactl updateconnection
   
   

2. Restart OracleAS Certificate Authority:

   (UNIX) ORACLE_HOME/oca/bin/ocactl stop
   
   (UNIX) ORACLE_HOME/oca/bin/ocactl start
   
   
   (Windows) ORACLE_HOME\oca\bin\ocactl stop
   
   (Windows) ORACLE_HOME\oca\bin\ocactl start
   
   

If you are not sure if OracleAS Certificate Authority is configured, examine the Application Server Control Home page to see if it is listed in the Components section.

Task 6: Update the Application Server Control Console

Update the Application Server Control Console with the new port number:

1. In the Identity Management Oracle home, edit the following file:

   (UNIX) ORACLE_HOME/sysman/emd/targets.xml
   
   (Windows) ORACLE_HOME\sysman\emd\targets.xml
   
   

2. Update each occurrence of the old OracleAS Metadata Repository port number with the new port number and save the file.

   For example, update the PORT parameter and the ConnectDescriptor parameter.

3. Reload the Application Server Control Console:

   (UNIX) ORACLE_HOME/bin/emctl reload
   
   (Windows) ORACLE_HOME\bin\emctl reload
   

Task 7: Update Middle-Tier Instances

In each middle-tier Oracle home that uses OracleAS Metadata Repository:

1. Update the following file with the new Oracle Net listener port number:

   (UNIX) ORACLE_HOME/network/admin/tnsnames.ora
   
   (Windows) ORACLE_HOME\network\admin\tnsnames.ora
   
   

2. Check the following file:

   (UNIX) ORACLE_HOME/Apache/modplsql/conf/dads.conf
   
   (Windows) ORACLE_HOME\Apache\modplsql\conf\dads.conf
   
   

   Locate the line that begins with PlsqlDatabaseConnectString.

   • If the line ends with ServiceNameFormat or SIDFormat, update the line with the new OracleAS Metadata Repository port number, save the file, and restart Oracle HTTP Server.

   • If the line ends with NetServiceNameFormat, you do not need to do anything.

3. Start the middle-tier instance:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
   
   (Windows) ORACLE_HOME\opmn\bin\opmnctl startall
   

4.4.1.1 Changing the KEY Value for an IPC Listener

It is not possible to run two listeners at the same time that are configured to use the same KEY value in their IPC protocol address. By default, the OracleAS Metadata Repository listener has its IPC KEY value set to EXTPROC. Hence, if your computer has another IPC listener that uses the EXTPROC key, you should configure the OracleAS Metadata Repository listener to use some other key value such as EXTPROC1.

To change the KEY value of an IPC listener:

1. Stop the listener (make sure your ORACLE_HOME environment variable is set first):

   lsnrctl stop
   
   

2. Edit the listener.ora and tnsnames.ora files. In each file, find the following line:

   (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC))
   
   

   Change it to the following:

   (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
   
   

3. Restart the listener:

   lsnrctl start
   

4.4.2 Changing 10.1.4 or 10.1.2 Oracle Internet Directory Ports

You can associate a 10g Release 3 (10.1.3.2.0) middle-tier instance with Release 10.1.4 or Release 2 (10.1.2) Identity Management Services.

When you change the Oracle Internet Directory HTTP or HTTPS port on an Identity Management installation, you must update any middle-tier instance that uses the Identity Management installation.

The following tasks describe how to update the Oracle Internet Directory port number, including updating other components in the Infrastructure and updating the middle-tier instances that use the port:

• Task 1: Prepare the Middle-Tier Instances

• Task 2: Prepare the Infrastructure Instances

• Task 3: Change the Oracle Internet Directory Port

• Task 4: Reconfigure OracleAS Certificate Authority

• Task 5: Restart the Identity Management Instance

• Task 6: Update the Middle-Tier Instances to Use the New Port Number

Task 1: Prepare the Middle-Tier Instances

For each 10g Release 3 (10.1.3.2.0) middle-tier instance that uses Identity Management, make sure the instance is started.

If it is not started, start all processes, using the following command:

(UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
(Windows) ORACLE_HOME\opmn\bin\opmnctl startall

Task 2: Prepare the Infrastructure Instances

Prepare the Infrastructure instances by taking these steps:

1. Make sure that Identity Management and its associated OracleAS Metadata Repository are started on the Infrastructure whose port number you are changing.

2. If any middle-tier instance uses a different OracleAS Metadata Repository for its product metadata, make sure that repository is started. In short, make sure all Metadata Repositories in your environment are started.

Task 3: Change the Oracle Internet Directory Port

Change the Oracle Internet Directory port by taking these steps:

1. On the Oracle Internet Directory host:

   1. Create a file named mod.ldif with the following contents. You can create the file in any directory.

      For HTTP:

      dn: cn=configset0, cn=osdldapd, cn=subconfigsubentry
      changetype: modify
      replace: orclnonsslport
      orclnonsslport: new_nonssl_port_number
      
      

      For HTTPS:

      dn: cn=configset0, cn=osdldapd, cn=subconfigsubentry
      changetype: modify
      replace: orclsslport
      orclsslport: new_ssl_port_number
      
      

   2. Run the following command:

      For the HTTP (non-SSL) port:

      ldapmodify -D "cn=orcladmin" -w password -p oid_port -f mod.ldif
      
      

      For the HTTPS (SSL) port:

      ldapmodify -D "cn=orcladmin" -w password -p oid_port -U SSLAuth -f mod.ldif
      
      

      Note that oid_port is the old Oracle Internet Directory port number. If you are changing the HTTPS port, provide the additional -U argument to specify the SSL authentication mode. Use one of the following values for SSLAuth: 1 for no authentication required; 2 for one-way authentication required; 3 for two-way authentication required.

2. On the Oracle Internet Directory host, stop the entire instance that contains Oracle Internet Directory, as well as the Application Server Control Console:

   • On UNIX systems:

     ORACLE_HOME/bin/emctl stop iasconsole
     ORACLE_HOME/opmn/bin/opmnctl stopall
     
     

   • On Windows systems:

     ORACLE_HOME\bin\emctl stop iasconsole
     ORACLE_HOME\opmn\bin\opmnctl stopall
     
     

3. Perform this step in the Oracle Internet Directory Oracle home. If you have OracleAS Metadata Repository installed in other Oracle homes that are registered with this Oracle Internet Directory, perform this step in each of those Oracle homes as well.

   1. Open the ldap.ora file:

      (UNIX) ORACLE_HOME/ldap/admin/ldap.ora
      (Windows) ORACLE_HOME\ldap\admin\ldap.ora
      
      

   2. Modify the following line to contain the new port number, and then save the file:

      DIRECTORY_SERVERS=(myhost.myco.com:non_ssl_port:ssl_port)
      
      

   3. Open the ias.properties file:

      (UNIX) ORACLE_HOME/config/ias.properties
      (Windows) ORACLE_HOME\config\ias.properties
      
      

   4. Change the value of OIDport (for an HTTP port change) or OIDsslport (for an HTTPS port change) to the new port number, and then save the file.

4. On the Oracle Internet Directory host, start the instance that contains Oracle Internet Directory, and start the Application Server Control Console:

   • On UNIX systems:

     ORACLE_HOME/opmn/bin/opmnctl startall
     ORACLE_HOME/bin/emctl start iasconsole
     
     

   • On Windows systems:

     ORACLE_HOME\opmn\bin\opmnctl startall
     ORACLE_HOME\bin\emctl start iasconsole
     
     

5. Perform this step in the OracleAS Single Sign-On Oracle home:

   1. On UNIX systems, set the LD_LIBRARY_PATH, LD_LIBRARY_PATH_64, LIB_PATH, or SHLIB_PATH environment variables to the proper values, as shown in Table 1-1. The actual environment variables and values that you must set depend on the type of your UNIX operating system.

   2. Run the following command in the OracleAS Single Sign-On Oracle home:

      $ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoca.jar reassoc -repos $ORACLE_HOME
      

Task 4: Reconfigure OracleAS Certificate Authority

Perform this task if you are using OracleAS Certificate Authority:

1. If OracleAS Certificate Authority is running in a different Oracle home, do the following steps in the OracleAS Certificate Authority Oracle home:

   1. Open the ias.properties file:

      (UNIX) ORACLE_HOME/config/ias.properties
      (Windows) ORACLE_HOME\config\ias.properties
      
      

   2. Change the value of OIDport (for an HTTP port change) or OIDsslport (for an HTTPS port change) to the new port number, and then save the file.

2. Update OracleAS Certificate Authority with the new Oracle Internet Directory port number by running the following command in the OracleAS Certificate Authority Oracle home:

   (UNIX) ORACLE_HOME/oca/bin/ocactl changesecurity -server_auth_port portnum
   (Windows) ORACLE_HOME\oca\bin\ocactl changesecurity -server_auth_port portnum
   
   

   In the example, portnum is the OracleAS Certificate Authority Server Authentication Virtual Host (SSL) port; the default is 6600.

   See Also:

   Oracle Application Server Certificate Authority Administrator's Guide, Release 2 (10.1.2), for more information

Task 5: Restart the Identity Management Instance

Restart the Identity Management instance:

• On UNIX systems:

  ORACLE_HOME/bin/emctl stop iasconsole
  ORACLE_HOME/opmn/bin/opmnctl stopall
  ORACLE_HOME/opmn/bin/opmnctl startall
  ORACLE_HOME/bin/emctl start iasconsole
  
  

• On Windows systems:

  ORACLE_HOME\bin\emctl stop iasconsole
  ORACLE_HOME\opmn\bin\opmnctl stopall
  ORACLE_HOME\opmn\bin\opmnctl startall
  ORACLE_HOME\bin\emctl start iasconsole
  

Task 6: Update the Middle-Tier Instances to Use the New Port Number

On each middle-tier instance that uses the Identity Management installation, run the Change Identity Management Services wizard and start the instance:

1. Using the Application Server Control Console, navigate to the OC4J Home page for the middle-tier instance.

2. Click Administration.

3. In the Task Name column of the table, expand Security if it is not already expanded. Then, in the Identity Management row, click the Go to Task icon.

4. On the Identity Management page, click Change.

5. Follow the steps in the wizard for supplying the new Identity Management information. See Section 6.6 for more information.

6. When the operation is finished, click Restart to restart the OC4J instance, and click YES in the confirmation page.

You must also update any Release 2 (10.1.2) middle-tier instance that uses Identity Management. For information about updating Release 2 (10.1.2) middle-tier instances, see the "Managing Ports" chapter in the Release 2 (10.1.2) Oracle Application Server Administrator's Guide.

4.4.3 Changing the HTTP Server Port on a 10.1.4 or 10.1.2 Identity Management Installation

This section describes how to change the Oracle HTTP Server HTTP or HTTPS Listen port on a 10.1.4 or 10.1.2 Identity Management installation. When you change this port number, you also effectively change the OracleAS Single Sign-On port number. This means you must update any middle-tier instance that uses the OracleAS Single Sign-On port.

The following tasks describe how to update the Oracle HTTP Server port number on Identity Management, including updating other components in the Infrastructure and updating the middle-tier instances that use the port:

• Task 1: Prepare the Middle-Tier Instances

• Task 2: Prepare the Infrastructure Instances

• Task 3: Modify the Oracle HTTP Server Listen and Port Directives

• Task 4: Enable Oracle HTTP Server to Run as Root for Ports Less Than 1024 (UNIX Only)

• Task 5: Update the Application Server Control Console

• Task 6: Update OracleAS Single Sign-On

• Task 7: Re-register mod_osso

• Task 8: Update Oracle Delegated Administration Services

• Task 9: Update OracleAS Certificate Authority

• Task 10: Restart the Identity Management Instance

• Task 11: Restart OracleAS Certificate Authority

• Task 12: Update the Middle-Tier Instances to Use the New Port Number

Task 1: Prepare the Middle-Tier Instances

For each 10g Release 3 (10.1.3.2.0) middle-tier instance that uses Identity Management, make sure the instance is started.

If it is not started, start all processes, using the following command:

(UNIX) ORACLE_HOME/opmn/bin/opmnctl startall
(Windows) ORACLE_HOME\opmn\bin\opmnctl startall

Task 2: Prepare the Infrastructure Instances

Prepare the Infrastructure by taking the following steps:

1. Make sure that Identity Management and its associated OracleAS Metadata Repository are started on the Infrastructure whose port number you are changing.

2. If any middle-tier instance uses a different Metadata Repository for its product metadata, make sure the repository is started. In short, make sure all Metadata Repositories in your environment are started.

Task 3: Modify the Oracle HTTP Server Listen and Port Directives

If you are changing the HTTP port, change both the Listen and Port directives to the new port number in the Oracle HTTP Server httpd.conf file. You can perform this task using the Application Server Control Console or manual steps on the Release 2 (10.1.2) Identity Management instance.

• Using the Application Server Control Console on the Identity Management instance:

  1. Navigate to the Application Server Home page and click Ports.

  2. On the Ports page, locate the Oracle HTTP Server Listen port and click the icon in the Configure column.

  3. On the Server Properties page:

     • Enter the new port number in the Default Port field. This is for the Port directive.

     • Enter the new port number in the Listening Port column. This is for the Listen directive. There may be more than one listening port listed. The only way to tell which is the non-SSL Listen port is to choose the one with the old non-SSL Listen port value.

  4. At the bottom of the page, click Apply.

  5. On the Confirmation page, click No, you would not like to restart now.

• Using manual steps:

  1. Open the httpd.conf file:

     (UNIX) ORACLE_HOME/Apache/Apache/conf/httpd.conf
     (Windows) ORACLE_HOME\Apache\Apache\conf\httpd.conf
     
     

  2. Update the non-SSL Listen and Port directives with the new port number, and then save the file.

     The value for Listen and Port must be the same port number. The following example changes the directives to port 7779:

     Listen 7779
     Port 7779
     
     

     There may be multiple Listen and Port directives in this file. Modify the Listen and Port directives that are not enclosed in an SSL virtual host container. The easiest way to locate the proper Listen and Port directives is to search the file for the old port number.

  3. Run the following command:

     (UNIX) ORACLE_HOME/dcm/bin/dcmctl updateConfig -ct ohs
     (Windows) ORACLE_HOME\dcm\bin\dcmctl updateConfig -ct ohs
     
     

If you are changing the HTTPS port, change both the SSL Listen and Port directives to the new port number in the Oracle HTTP Server ssl.conf file. You must do this using the following manual steps:

1. Edit the ssl.conf file, located at:

   (UNIX) ORACLE_HOME/Apache/Apache/conf/ssl.conf
   (Windows) ORACLE_HOME\Apache\Apache\conf\ssl.conf
   
   

2. Update the SSL Listen and SSL Port directives with the new port number, and then save the file.

   The value for Listen and Port must be the same port number. The following example changes the directives to port 4445:

   Listen 4445
   Port 4445
   
   

   Save and close the file.

3. Run the following command:

   (UNIX) ORACLE_HOME/dcm/bin/dcmctl updateConfig -ct ohs
   (Windows) ORACLE_HOME\dcm\bin\dcmctl updateConfig -ct ohs
   

Task 4: Enable Oracle HTTP Server to Run as Root for Ports Less Than 1024 (UNIX Only)

Perform this task if you are changing the port to a value less than 1024 on UNIX.

By default, Oracle HTTP Server runs as a non-root user (the user that installed Oracle Application Server). On UNIX systems, if you change the Oracle Application Server non-SSL Listen port number to a value less than 1024, you must enable Oracle HTTP Server to run as root, as follows:

1. Log in as root.

2. Run the following commands in the Infrastructure Oracle home:

   cd ORACLE_HOME/Apache/Apache/bin
   chown root .apachectl
   chmod 6750 .apachectl
   

Task 5: Update the Application Server Control Console

Update the Application Server Control Console with the new port number:

1. Open the targets.xml file:

   (UNIX) ORACLE_HOME/sysman/emd/targets.xml
   (Windows) ORACLE_HOME\sysman\emd\targets.xml
   
   

2. Update each occurrence of the old Oracle HTTP Server Listen port number with the new port number, and then save the file.

   Depending on your configuration, this file may not contain any occurrences of the Oracle HTTP Server Listen port, or it may contain many occurrences. The Listen port may occur as a parameter on its own, or it may be part of a URL. The easiest way to edit this file is to search for all occurrences of the old Oracle HTTP Server Listen port number, and replace them with the new port number.

3. Reload the Application Server Control Console:

   (UNIX) ORACLE_HOME/bin/emctl reload
   (Windows) ORACLE_HOME\bin\emctl reload
   

Task 6: Update OracleAS Single Sign-On

Perform this task if OracleAS Single Sign-On is configured to use the Oracle HTTP Server HTTP Listen port in the installation where you are changing the port.

1. On UNIX systems, set the LD_LIBRARY_PATH, LD_LIBRARY_PATH_64, LIB_PATH, or SHLIB_PATH environment variables to the proper values, as shown in Table 1-1. The actual environment variables and values that you must set depend on the type of your UNIX operating system.

2. Run one or both of the following commands in the OracleAS Single Sign-On Oracle home:

   To change the non-SSL port:

   (UNIX) ORACLE_HOME/sso/bin/ssocfg.sh http hostname new_non_ssl_port_number
   (Windows) ORACLE_HOME\sso\bin\ssocfg.bat http hostname new_non_ssl_port_number
   
   

   To change the SSL port:

   (UNIX) ORACLE_HOME/sso/bin/ssocfg.sh https hostname new_ssl_port_number
   (Windows) ORACLE_HOME\sso\bin\ssocfg.bat https hostname new_ssl_port_number
   
   

   In the examples:

   • hostname is the host on which OracleAS Single Sign-On is running.

   • new_non_ssl_port_number is the new non-SSL Oracle HTTP Server Listen port number.

   • new_ssl_port_number is the new SSL Oracle HTTP Server Listen port number.

Task 7: Re-register mod_osso

Re-register mod_osso as follows:

1. Set environment variables:

   • On UNIX systems, set the LD_LIBRARY_PATH, LD_LIBRARY_PATH_64, LIB_PATH, or SHLIB_PATH environment variables to the proper values, as shown in Table 1-1. The actual environment variables and values that you must set depend on the type of your UNIX operating system.

   • On Windows systems, set the path, for example: PATH=%PATH%;%ORACLE_HOME%\bin;%ORACLE_HOME%\lib.

2. If you are changing the Oracle HTTP Server Listen port, re-register mod_osso to take care of the default partner applications by using the following command in the Identity Management Oracle home:

   On UNIX systems:

   ORACLE_HOME/sso/bin/ssoreg.sh
   -oracle_home_path identity_management_oracle_home
   -site_name identity_management_hostname:new_port_number
   -config_mod_osso TRUE
   -mod_osso_url mod_osso_url
   
   

   On Windows systems:

   ORACLE_HOME\sso\bin\ssoreg.bat
   -oracle_home_path identity_management_oracle_home
   -site_name identity_management_hostname:new_port_number
   -config_mod_osso TRUE
   -mod_osso_url mod_osso_url
   
   

   For example, if you want to change the Oracle HTTP Server Listen port to 7779 on host myhost on UNIX:

   $ORACLE_HOME/sso/bin/ssoreg.sh
   -oracle_home_path /disk1/oracleas
   -site_name myhost:7779
   -config_mod_osso TRUE
   -mod_osso_url http://myhost.mydomain:7779
   
   

3. If you are changing the Oracle HTTP Server SSL Listen port, perform the following steps:

   1. Re-register mod_osso with the new port number by running the following command in the middle-tier Oracle home:

      On UNIX systems:

      ORACLE_HOME/sso/bin/ssoreg.sh
      -oracle_home_path identity_management_oracle_home
      -site_name identity_management_hostname:new_port_number
      -config_mod_osso TRUE
      -update_mode MODIFY
      -remote_midtier
      -config_file path/osso-https.conf
      -mod_osso_url mod_osso_url
      
      

      On Windows systems:

      ORACLE_HOME\sso\bin\ssoreg.bat
      -oracle_home_path identity_management_oracle_home
      -site_name identity_management_hostname:new_port_number
      -config_mod_osso TRUE
      -update_mode MODIFY
      -remote_midtier
      -config_file path\osso-https.conf
      -mod_osso_url mod_osso_url
      
      

      For example, if you want to change the Oracle HTTP Server SSL Listen port to 4445 on myhost on UNIX:

      $ORACLE_HOME/sso/bin/ssoreg.sh
      -oracle_home_path /disk1/oracleas
      -site_name myhost:4445
      -config_mod_osso TRUE
      -update_mode MODIFY
      -remote_midtier
      -config_file $ORACLE_HOME/Apache/Apache/conf/osso/osso-https.conf
      -mod_osso_url http://myhost.mydomain:7778
      

      See Also:

      Oracle Application Server Single Sign-On Administrator's Guide, Release 2 (10.1.2) for more information on registering mod_osso

   2. Copy the obfuscated osso configuration file to the 10g Release 3 (10.1.3.2.0) middle-tier instance.

   3. On the middle-tier host, run the following script to complete the registration:

      (UNIX) ORACLE_HOME/Apache/Apache/bin/osso1013 config_file
      (Windows) perl ORACLE_HOME\Apache\Apache\bin\osso1013 config_file
      
      

   4. Edit the mod_osso.conf file, which is located at:

      (UNIX) ORACLE_HOME/Apache/Apache/conf/mod_osso.conf
      (Windows) ORACLE_HOME\Apache\Apache\conf\mod_osso.conf
      
      

      In the mod_osso.conf file, comment the following directive, if you have not previously done so:

      On UNIX systems:

      LoadModule osso_module libexec/mod_osso.so
      
      

      On Windows systems:

      LoadModule osso_module modules\ApacheModuleOsso.dll
      
      

   5. In the httpd.conf file, which is found in the same (conf) directory, add the directive that you just commented in the preceding step (if you have not previously done so). In a default setup, place the directive right after:

      LoadModule wchandshake_module libexec/mod_wchandshake.so
      
      

4. Restart the Oracle HTTP Server:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=HTTP_Server
   (Windows) ORACLE_HOME\opmn\bin\opmnctl restartproc process-type=HTTP_Server
   
   

5. If you have configured or modified any additional partner applications, you must also re-register those.

See Also:

Oracle Application Server Single Sign-On Administrator's Guide, Release 2 (10.1.2) for more information on registering mod_osso

Task 8: Update Oracle Delegated Administration Services

If you have Oracle Delegated Administration Services configured, and Oracle Delegated Administration Services uses the new port number, follow these steps to update the Oracle Delegated Administration Services URL entry in Oracle Internet Directory.

You can find out what port Oracle Delegated Administration Services uses with the following command:

ldapsearch -h oid_host -p oid_port -D "cn=orcladmin"
-w "password" -b "cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext"
-s base "objectclass=*" orcldasurlbase

To update Oracle Delegated Administration Services:

1. Create a file named mod.ldif with the following contents (you can create the file in any directory):

   dn:cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
   changetype:modify
   replace:orcldasurlbase
   orcldasurlbase:http://hostname:new_http_port_number/
   
   

   Note the slash at the end of the orcldasurlbase URL.

2. Run the following command:

   ldapmodify -D cn=orcladmin -w password -p oid_port -f mod.ldif
   

Task 9: Update OracleAS Certificate Authority

If you are using OracleAS Certificate Authority:

1. Re-register OracleAS Certificate Authority with the OracleAS Single Sign-On server by running the following command in the OracleAS Certificate Authority Oracle home:

   (UNIX) ORACLE_HOME/oca/bin/ocactl changesecurity -server_auth_port portnum
   (Windows) ORACLE_HOME\oca\bin\ocactl changesecurity -server_auth_port portnum
   
   

   In the example, portnum is the OracleAS Certificate Authority Server Authentication Virtual Host (SSL) port; the default is 6600.

   See Also:

   Oracle Application Server Certificate Authority Administrator's Guide, Release 2 (10.1.2)

2. If OracleAS Certificate Authority is located in a different Oracle home than the OracleAS Single Sign-On server, restart Oracle HTTP Server and the oca instance in the OracleAS Certificate Authority Oracle home:

   • On UNIX systems:

     ORACLE_HOME/opmn/bin/opmnctl stopproc ias-component=HTTP_Server
     ORACLE_HOME/opmn/bin/opmnctl stopproc process-type=oca
     ORACLE_HOME/opmn/bin/opmnctl startproc ias-component=HTTP_Server
     ORACLE_HOME/opmn/bin/opmnctl startproc process-type=oca
     
     

   • On Windows systems:

     ORACLE_HOME\opmn\bin\opmnctl stopproc ias-component=HTTP_Server
     ORACLE_HOME\opmn\bin\opmnctl stopproc process-type=oca
     ORACLE_HOME\opmn\bin\opmnctl startproc ias-component=HTTP_Server
     ORACLE_HOME\opmn\bin\opmnctl startproc process-type=oca
     

Task 10: Restart the Identity Management Instance

Restart the Identity Management instance:

• On UNIX systems:

  ORACLE_HOME/bin/emctl stop iasconsole
  ORACLE_HOME/opmn/bin/opmnctl stopall
  ORACLE_HOME/opmn/bin/opmnctl startall
  ORACLE_HOME/bin/emctl start iasconsole
  
  

• On Windows systems:

  ORACLE_HOME\bin\emctl stop iasconsole
  ORACLE_HOME\opmn\bin\opmnctl stopall
  ORACLE_HOME\opmn\bin\opmnctl startall
  ORACLE_HOME\bin\emctl start iasconsole
  

Task 11: Restart OracleAS Certificate Authority

If OracleAS Certificate Authority is configured in this instance, restart it:

(UNIX) ORACLE_HOME/oca/bin/ocactl start
(Windows) ORACLE_HOME\oca\bin\ocactl start

Task 12: Update the Middle-Tier Instances to Use the New Port Number

Now that you have changed the Oracle HTTP Server port on the Identity Management installation, you must update all middle-tier instances to use the new port number. Note that in these steps, you do not need to explicitly specify the HTTP or HTTPS port number; the Change Identity Management wizard retrieves the port number internally.

For each 10g Release 3 (10.1.3.2.0) middle-tier instance that uses Identity Management:

1. Using the Application Server Control Console, navigate to the OC4J Home page for the middle-tier instance.

2. Click Administration.

3. In the Task Name column of the table, expand Security if it is not already expanded. Then, in the Identity Management row, click the Go to Task icon.

4. On the Identity Management page, click Change.

5. Enter the current information for Oracle Internet Directory. See Section 6.6 for more information.

6. Click OK.

7. When the operation is finished, click Restart to restart the OC4J instance, and click YES in the confirmation page.

You must also update any Release 2 (10.1.2) middle-tier instance that uses Identity Management. For information about updating Release 2 (10.1.2) middle-tier instances, see the "Managing Ports" chapter in the Release 2 (10.1.2) Oracle Application Server Administrator's Guide.

4.4.4 Changing 10.1.4 or 10.1.2 OracleAS Certificate Authority Ports

This section describes how to change the following port numbers:

• OracleAS Certificate Authority Server Authentication Virtual Host (SSL)

• OracleAS Certificate Authority Mutual Authentication Virtual Host (SSL)

To change either of these port numbers:

1. Open the ocm_apache.conf file in the Oracle home of the Infrastructure that contains OracleAS Certificate Authority:

   (UNIX) ORACLE_HOME/Apache/Apache/conf/ocm_apache.conf
   
   (Windows) ORACLE_HOME\Apache\Apache\conf\ocm_apache.conf
   
   

   1. Modify the Server or Mutual port, or both, and then save the file.

      Note that each port number is listed in the file in two places:

      • As a Listen directive

      • As a default virtual host

      The easiest way to find these is to search for the old port number.

   2. Run the following command:

      (UNIX) ORACLE_HOME/dcm/bin/dcmctl updateConfig -ct ohs
      
      (Windows) ORACLE_HOME\dcm\bin\dcmctl updateConfig -ct ohs
      
      

2. Run the following command (make sure your ORACLE_HOME environment variable is set first):

   sqlplus oca/oca_admin_password @$ORACLE_HOME/oca/sql/ocaportchg
   
   

   1. Enter the Server Authentication Only port when prompted. If you do not want to change this port number, enter the old port number.

   2. Enter the Mutual Authentication port when prompted. If you do not want to change this port number, enter the old port number.

3. Re-register OracleAS Certificate Authority with the OracleAS Single Sign-On server by executing the following command in the OracleAS Certificate Authority Oracle home:

   (UNIX) ORACLE_HOME/oca/bin/ocactl changesecurity -server_auth_port portnum
   
   (Windows) ORACLE_HOME\oca\bin\ocactl changesecurity -server_auth_port portnum
   
   

   In the example, portnum is the OracleAS Certificate Authority Server Authentication Virtual Host (SSL) port; the default is 6600.

   See Also:

   Oracle Application Server Certificate Authority Administrator's Guide

4. Restart Oracle HTTP Server:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl restartproc type=ohs
   
   (Windows) ORACLE_HOME\opmn\bin\opmnctl restartproc type=ohs
   
   

5. Restart the OracleAS Certificate Authority OC4J instance:

   (UNIX) ORACLE_HOME/opmn/bin/opmnctl restartproc type=oc4j instancename=oca
   
   (Windows) ORACLE_HOME\opmn\bin\opmnctl restartproc type=oc4j instancename=oca
   
   

6. Start Oracle Application Server Certificate Authority:

   (UNIX) ORACLE_HOME/oca/bin/ocactl start
   
   (Windows) ORACLE_HOME\oca\bin\ocactl start