Skip Headers
Oracle® Retail Advanced Science Engine Security Guide
Release 14.1
E59123-01
Next
Contents
Title and Copyright Information
Send Us Your Comments
Preface
Documentation Accessibility
Related Documents
Customer Support
Review Patch Documentation
Improved Process for Oracle Retail Documentation Corrections
Oracle Retail Documentation on the Oracle Technology Network
Conventions
1
Overview
Physical Deployment Model
Dependent Applications
Security Features Overview
Securing the Application
Default Accounts and Passwords
Passwords
Address Translation
Application Time Out
Securing the Application Environment and Configuration
Database
Using Self-Signed Certificates
2
Secure Configuration
Operating System Considerations
Oracle Linux-Based Systems
Oracle Solaris-Based Systems
IBM AIX-Based Systems
Additional Resources
Infrastructure and Middleware Considerations
Database
Application Server
Application Configuration Considerations
Integration with Other Applications
Scripts and Command Line Utilities
3
Securing the WebLogic Server
Install Patch Set Updates
Setting Up a Secure WebLogic Domain
Administrative User Account
Operating System User Account
Listen Port Configuration
Setting Up Keystores
Setting Up Keystores and Trust Stores
Associating the Keystore and Trust Store with WebLogic Server
Configuring WebLogic Scripts in Order to Secure the Administration Server
Adding a Certificate to the JDK Keystore for the Installer
Enforcing Stronger Encryption in WebLogic
SSL Protocol Version Configuration
Upgrading JDK to Use Java Cryptography Extension
Enabling Cipher in WebLogic SSL Configuration
Securing Nodemanager with SSL Certificates
4
Securing the Database
Install Patch Set Updates
Application Schema Owners
Database Security Considerations
Special Security Options for Oracle Databases
Configuring SSL Connections for Database Communications
Configuring SSL on the Database Server
Configuring SSL on an Oracle Database Client
Configuring SSL on a Java Database Connectivity (JDBC) Thin Client
Configuring Oracle Wallet for Batch Script Execution
5
Troubleshooting
Java Version 7 SSL Handshake Issue While Using Self-Signed Certificates
Importing the Root Certificate in Local Client JRE
Importing the Root Certificate to the Browser
Importing the Root Certificate through Internet Explorer
Importing the Root Certificate Through Mozilla Firefox
Disabling Hostname Verification
Verifying the Certificate Content
Verifying Keystore Content
HTTPS Service Encountering a Redirect Loop After Applying Policy A
A
Appendix: Secure Services and Protocols
Securing the Network
Resources
Physical Security
Audit and Monitoring
Equipment Storage and Disposal