Implementing SSL communication with Endeca Server and Studio

By default, the Provisioning Service is configured to support SSL. Additional implementation is required to enable SSL communication with Endeca Server and Studio.

To implement secure communication with Endeca Server and Studio over SSL:

Copy the keystore cert files from the home directory of the Endeca Server installation to the domain home directory of the Provisioning Service.
Copy the following cert files:
- endecaServerClientCert.ks
- endecaServerTrustStore.ks
Configure the identity keystore and trust keystore on the WebLogic Server.
1. Start the Provisioning Service WebLogic domain.
2. Start a browser, go to the Administration Console for your server and log in.
3. On Keystores tab, change value in the Keystores field to Custom Identity and Custom Trust. Save this change.
4. In the Custom Identity Keystore field, enter the path to the identity keystore.
5. In the Custom Identity Keystore Type field, enter JKS.
6. In the Custom Identity Keystore Passphrase and Confirm Custom Identity Keystore Passphrase fields, enter the keystore passphrase usesd to generate the key on the Endeca Server.
7. In the Custom Trust Keystore field, enter the path to the trust keystore.
8. In the Custom Trust Keystore Type field, enter JKS.
9. In the Custom Trust Keystore Passphrase and Confirm Custom Trust Keystore Passphrase fields, enter the keystore passphrase usesd to generate the key on the Endeca Server.
Configure the WebLogic Server SSL parameters:
1. On the Adminstration Console of your WebLogic Server, click the SSL tab.
2. The value of the Private Key Alias must be Oracle Endeca Server Client Certificate. (This value should default from the keystore.)
3. In the Private Key Passphrase and Confirm Private Key Passphrase fields, enter the passphrase you entered when creating the certificates on the Endeca Server installation.
4. Click Save.