This appendix describes the instructions on configuring OTA client for TLS authentication using Oracle Wallet. It includes the following topics:
Perform the following steps to configure OTA client for server authentication:
Import the server's trusted CA certificate into the Wallet.
When the wallet is created, the most common CA certificates are included automatically. If required, import the trusted root-CA certificate that signed your server's certificate.
Refer to Step 5 in Section 5.2 Configure Inbound Connections, My Oracle Support Knowledge Document 1367293.1, Enabling TLS in Oracle E-Business Suite Release 12.2.
Configure the following TLS related AutoConfig variables:
Parameter Name | AutoConfig Variable | Default Value |
---|---|---|
javax.net.ssl.trustStore | s_ssl_truststore | <s_web_ssl_directory>/Apache/cwallet.sso |
javax.net.ssl.trustStoreType | s_ssl_truststoretype | SSO |
test.trustmanager.algorithm | s_ssl_trustmanageralgorithm | OracleX509 |
Note: The parameter names listed in the table are in the $INST_TOP/appl/admin/oafm_wls.properties
file.
Refer to the Oracle E-Business Suite Setup Guide Release 12.2 for information on changing AutoConfig variables and executing AutoConfig in the application tier.
Ensure to stop and restart application tier services as part of AutoConfig execution.
Perform the following steps to configure OTA client for mutual authentication using Oracle Wallet:
Follow steps described in Configuring OTA Client for Server Authentication to import the server's trusted CA into Oracle Wallet.
Configure Oracle E-Business Suite WebLogic Server for TLS.
For information on configuration details, refer to Section 5.2 Configure Inbound Connections, My Oracle Support Knowledge Document 1367293.1, Enabling TLS in Oracle E-Business Suite Release 12.2.
Configure the following TLS related parameters:
Parameter Name | AutoConfig Variable | Value |
---|---|---|
javax.net.ssl.trustStore | s_ssl_truststore | <s_web_ssl_directory>/Apache/cwallet.sso |
javax.net.ssl.trustStoreType | s_ssl_truststoretype | SSO |
test.trustmanager.algorithm | s_ssl_trustmanageralgorithm | OracleX509 |
javax.net.ssl.keyStore | s_ssl_keystore | <s_web_ssl_directory>/Apache/cwallet.sso |
javax.net.ssl.keyStoreType | s_ssl_keystoretype | SSO |
test.keymanager.algorithm | s_ssl_keymanageralgorithm | OracleX509 |
Note: The parameter names listed in the table are in the $INST_TOP/appl/admin/oafm_wls.properties
file.
Run AutoConfig in the application tier. Refer to the Oracle E-Business Suite Setup Guide Release 12.2 for information on changing AutoConfig variables and executing AutoConfig in the application tier.
Ensure to stop and restart application tier services as part of AutoConfig execution.