Skip Headers
Oracle® Health Sciences Information Gateway Installation Guide
Release 1.2
E22757-01
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
PDF · Mobi · ePub

3 Installing Certificates on Oracle Health Sciences Information Gateway

This chapter provides the instructions for completing the installation of the OHMPI VM, Policy Engine VM, or Health Record Locator VM self-signed certificates for the OHIG Adapter and the OHIG Gateway.

This chapter includes the following sections:

3.1 Installing Self-signed Certificates on OHIG Adapter VM

  1. Navigate to and run the script /home/hiauser/config/scripts/create-and-import-selfsigned-certs.sh to install the self-signed certificate. It does the following things:

    • Creates the keystore for the private internal key

    • Exports the certificate that will authenticate the internal key

    • Imports the trusted certificates into the truststore

    • Provides these certificates to appserver to use for authentication purposes

    > sh create-and-import-selfsigned-certs.sh

  2. Install the certificates from the other components that will communicate with the Adapter (Gateway, OHMPI, Record Locator, Policy Engine, and so on). Copy the certificate of the component VM <VM_HOSTNAME.cer> to the /home/hiauser/SUNWappserver/domains/domain1/config folder. Navigate to and run the scripts /home/hiauser/config/scripts/import-others-cert.sh. When prompted by the scripts, enter the VM hostname (it should match with the cert file you copied to the config folder without ".cer" suffix).

    >bash import-others-cert.sh

3.2 Installing Self-signed certificates on OHIG Gateway VM

  1. Navigate to and run the script home/hiauser/config/scripts/create-and-import-selfsigned-certs.sh to install the self-signed certificate. It does the following things:

    • Creates the keystore for the private internal key

    • Exports the certificate that will authenticate the internal key

    • Imports the trusted certificates into the truststore

    • Provides these certificates to appserver to use for authentication purposes

    > sh create-and-import-selfsigned-certs.sh

  2. Install the Adapter VM certificate. Copy the certificate of Adapter VM <ADAPTER_ VM_HOSTNAME.cer> to the /home/hiauser/SUNWappserver/domains/domain1/config folder. Navigate to and run the scripts /home/hiauser/config/scripts/import-others-cert.sh. When prompted by the scripts, enter the Adapter VM hostname (it should match with the cert file you copied to the config folder without ".cer" suffix).

    >bash import-others-cert.sh

3.3 Avoiding a Java Security Certificate Exception

To avoid a java.security.cert.CertificateException you need to ensure that your OHIG hostnames are not fully qualified.

To Make the Hostname Not Fully Qualified

  1. Set the OHIM and OHIG hostnames to be not fully qualified.

  2. Add aliases for all hosts.

  3. Regenerate and re-import the certificates.

  4. Restart all the servers.

  5. Test that you do not have a Java security certificate exception.

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Feedback page
Contact Us