This chapter outlines how the software is securely installed and configured.
The latest version of Oracle Enterprise Manager System Monitoring Plug-in for Oracle Key Manager is available for download from the Oracle Technology Network. The Plug-in distribution consists of a single package file for Oracle Enterprise Manager Cloud Control 12c. The package does not contain any utilities that allow it to be installed by itself. It must be imported and deployed into Oracle Enterprise Manager Cloud Control 12c by the administrator of Oracle Enterprise Manager Cloud Control 12c.
The Plug-in requires that the administrator of Oracle Enterprise Manager Cloud Control 12c obtain credentials for the Oracle Key Manager cluster from an Oracle Key Manager administrator to perform all required operations of the Plug-in. It is recommended that an Oracle Key Manager administrator follow the instructions in the Oracle Enterprise Manager System Monitoring Plug-in for Oracle Key Manager Installation Guide to generate the credentials and pass this information to the administrator of Oracle Enterprise Manager Cloud Control 12c.
The Plug-in does not store the credentials from Oracle Key Manager clusters. Credential management is handled by Oracle Enterprise Manager Cloud Control 12c, and the Plug-in simply consumes the credentials as provided by Oracle Enterprise Manager Cloud Control 12c.
The X.509 certificates that the Plug-in uses to authenticate itself with the OKM cluster are encrypted and are stored as PKCS#12 files. To further protect these certificates, the administrator of Oracle Enterprise Manager Cloud Control 12c should ensure that the permissions on these files are sufficiently restricted to prohibit access by unauthorized users.