Perform the following procedures to configure Apache software, install Oracle software, and configure the Oracle database.
This procedure configures secure Apache HTTP Server version 1.3 software by using mod_ssl. For additional information, see the installed Apache online documentation at file:///usr/apache/htdocs/manual/index.html.html, the Apache HTTP Server web site at http://httpd.apache.org/docs/1.3/, and the Apache mod_ssl web site at http://www.modssl.org/docs/.
Use the cconsole master window to access both nodes.
You can perform the next steps on both nodes at the same time.
Install all certificates and keys.
In the /usr/apache/bin directory, create the file keypass.
Set file permissions for owner access only.
phys-X# cd /usr/apache/bin phys-X# touch keypass phys-X# chmod 700 keypass |
Edit the keypass file so that it prints the pass phrase for the encrypted key that corresponds to a host and a port.
This file will be called with server:port algorithm as arguments. Ensure that the file can print the pass phrase for each of your encrypted keys when called with the correct parameters.
Later, when you attempt to start the web server manually, it must not prompt you for a pass phrase. For example, suppose that a secure web server is listening on ports 8080 and 8888, with private keys for both ports that are encrypted by using RSA. The keypass file could be the following:
# !/bin/ksh host=`echo $1 | cut -d: -f1` port=`echo $1 | cut -d: -f2` algorithm=$2 if [ "$host" = "apache-lh.example.com" -a "$algorithm" = "RSA" ]; then case "$port" in 8080) echo passphrase-for-8080;; 8888) echo passphrase-for-8888;; esac fi |
Update the paths in the Apache start/stop script file, /usr/apache/bin/apachect1, if they differ from your Apache directory structure.
Verify your configuration changes.
Check the /etc/apache/httpd.conf file for correct syntax.
phys-X# /usr/apache/bin/apachectl configtest |
Ensure that any logical hostnames or shared addresses that Apache uses are configured and online.
On phys-sun, start the Apache server.
phys-sun# /usr/apache/bin/apachectl startssl |
Ensure that the web server does not ask you for a pass phrase.
If Apache does not start properly, correct the problem.
On phys-sun, stop the Apache server.
phys-sun# /usr/apache/bin/apachectl stopssl |
Have available the following:
The Oracle 10gR2 installation DVD.
Any Oracle patches.
Oracle installation documentation.
On phys-sun, become user oracle.
phys-sun# su - oracle |
Change to the /tmp directory.
phys-sun# cd /tmp |
Insert the Oracle product disc.
If the volume management daemon vold(1M) is running and is configured to manage DVD-ROMs, the daemon automatically mounts the Oracle 10gR2 DVD-ROM on the /cdrom/cdrom0 directory.
Start the Oracle Universal Installer.
phys-sun# /cdrom/cdrom0/Disk1/runInstaller |
For more information about using the Oracle Universal Installer, see the Oracle Database Client Installation Guide for Solaris Operating System (SPARC 64–Bit).
Follow the prompts to install Oracle software.
Specify the following values:
Oracle Component |
Value |
---|---|
Source file location |
/cdrom/cdrom0/Disk1/products.jar |
Destination file location (the value of $ORACLE_HOME) |
/oracle/oracle/product/10.2.0 |
UNIX group name |
dba |
Available products |
Oracle 10g Enterprise Edition or Standard Edition |
Database configuration type |
General Purpose |
Installation type |
Typical |
Global database name |
orasrvr |
Oracle System Identifier (SID) |
orasrvr |
Database file location |
/oradata/10gR2 |
Database character set |
default |
For more information, see the Oracle Database Client Installation Guide for Solaris Operating System (SPARC 64–Bit).
Change to a directory that does not reside on the DVD and eject the DVD.
phys-sun# eject cdrom |
Apply any Oracle patches.
Verify that the owner, group, and mode of the /oracle/oracle/product/10.2.0/bin/oracle file are correct.
phys-sun# ls -l /oracle/oracle/product/10.2.0/bin/oracle -rwsr-s--x 1 oracle dba 3195 Apr 27 2005 oracle |
Verify that the listener binaries exist in the /oracle/oracle/product/10.2.0/bin/ directory.
Oracle listener binaries include the lsnrctl command and the tnsping command.
Exit from the user oracle.
The superuser prompt is again displayed.
Prevent the Oracle cssd daemon from being started.
Remove the following entry from the /etc/inittab file. This action prevents unnecessary error messages from being displayed.
h1:23:respawn:/etc/init.d/init.cssd run >/dev/null 2>&| > </dev/null |
Repeat this procedure on phys-moon.
Have available your Oracle installation documentation. Refer to those procedures to perform the following tasks.
On phys-sun, prepare the database configuration files.
Place all of the database-related files (data files, redo log files, and control files) on the /oradata/10gR2 directory.
Within the init$ORACLE_SID.ora file or the config$ORACLE_SID.ora file, modify the assignments for control_files and background_dump_dest to specify the location of the control files.
Start the creation of the database by using a utility from the following list:
The Oracle Database Configuration Assistant (DBCA)
The Oracle sqlplus(1M) command
During creation, ensure that all of the database-related files are placed in the /oradata/10gR2 directory.
Verify that the file names of your control files match the file names in your configuration files.
Run the catalog scripts that create the v$sysstat view. The Sun Cluster HA for Oracle fault monitor uses this view.
Perform this procedure on both nodes.
Enable access for the Oracle user and password to be used for fault monitoring.
Use the Oracle authentication method to grant to the oracle user authority on the v_$sysstat view, v_$archive_dest view, and v_$database view.
phys-X# sqlplus "/ as sysdba" sql> grant connect, resource to oracle identified by passwd; sql> alter user oracle default tablespace system quota 1m on system; sql> grant select on v_$sysstat to oracle; sql> grant select on v_$archive_dest to oracle;sql> grant select on v_$database to oracle; sql> grant create session to oracle; sql> grant create table to oracle; sql> exit; # |
Configure NET8 for the Sun Cluster software.
Set the following entries in the default /oracle/oracle/product/10.2.0/network/admin/listener.ora file.
HOST = oracle-lh POST = 1521 |
Set the same entries in the default /oracle/oracle/product/10.2.0/network/admin/tnsnames.ora file.
The values that you set in the listener.ora file and in the tnsnames.ora file must be the same.