By default, the Apache HTTP Server 2.2.x agent installed on a remote Apache HTTP Server instance trusts any server certificate presented over SSL by the Oracle OpenSSO host server. For the Apache HTTP Server 2.2.x agent to perform certificate checking, you must disable this behavior.
 To Disable the Trust Behavior of the Apache HTTP Server Agent
To Disable the Trust Behavior of the Apache HTTP Server AgentFind the Apache HTTP Server 2.2.x agent's OpenSSOAgentBootstrap.properties file in the agent's /config directory. For example:
/opt/web_agents/apache22_agent/Agent_001/config/OpenSSOAgentBootstrap.properties
In the OpenSSOAgentBootstrap.properties file, set the SSL-related properties, depending on your specific deployment.
Note: These properties have new names for version 3.0 web agents.
Disable the option to trust the server certificate sent over SSL by the Oracle OpenSSO host server:
com.sun.identity.agents.config.trust.server.certs = false
Specify the certificate database directory. For example:
com.sun.identity.agents.config.sslcert.dir = /opt/apache-2.2.11/conf/certdb
If the certificate database directory has multiple certificate databases, set the following property to the prefix of the database you want to use. For example:
com.sun.identity.agents.config.certdb.prefix = prefix-
Specify the certificate database password:
com.sun.identity.agents.config.certdb.password = password
Specify the certificate database alias:
com.sun.identity.agents.config.certificate.alias = alias-name
Save the changes to the OpenSSOAgentBootstrap.properties file.
The agent uses information in the OpenSSOAgentBootstrap.properties file to start and initialize itself and to communicate with Oracle OpenSSO server.