The following procedures describe how to configure a secure HTTPS connection from Oracle DIVA Enterprise Connect to the DIVAnet ManagerAdapter. The DIVAnet ManagerAdapter should be located on the DIVArchive Manager platform.
Before starting this procedure, ensure that during the DIVA Enterprise Connect Linux installation, you answered yes when prompted with Do you wish to configure SSL?. Ensure that you have properly configured HTTPS in the divas-config.properties file (see Chapter 3 for more information on setting the properties file).
The following steps require running utilities found in the Java JDK. The %JDK_HOME% is not an actual variable, but instead refers to %DIVAS_HOME%/JDK on Windows, and $DIVAS_HOME/JDK/default on Linux.
Use the following procedure to add the DIVA Enterprise Connect certificate to DIVAnet:
Copy Certificate: Take the DIVA Enterprise Connect certificate, located (by default) in %DIVAS_HOME%/%DOMAIN_NAME%/config/cert/divasCert.cer, and copy it to the computer where the DIVAnet ManagerAdapter is running. Change directory to %DIVANET_HOME% and place the certificate at that location.
Import: Run the following import command on the DIVAnet platform:
"%JKD_HOME%\keytool" -importcert -file divasCert.cer -alias divaselfsigncert -keystore Java\lib\security\cacerts2
At the password prompt, enter the DIVAnet keystore password (by default, changeit).
Enter Y when prompted Trust this certificate?.
Verify: Use the following command to verify the import:
"%JDK_HOME%\keytool" -list -keystore Java\lib\security\cacerts2 -alias divaselfsigncert -v
Delete the File: %DIVANET_HOME%\divasCert.cer.
Use the following procedure to add the DIVAnet certificate to DIVA Enterprise Connect:
Export: On the DIVAnet computer, change directory to %DIVANET_HOME%, and execute the following command to export the DIVAnet certificate:
"%JDK_HOME%\keytool" -exportcert -rfc -alias diva1219 -file Oracle_DIVAnet.cer -keystore Program\divanet\lib\diva129.jks
At the password prompt, enter the DIVAnet keystore password (by default, changeit).
Copy Certificate: Copy the Oracle_DIVAnet.cer that you just created to the computer where DIVA Enterprise Connect is running. Place the certificate in %DIVAS_HOME%.
Import: Change directory to %DIVAS_HOME%, and run the following import command on the DIVA Enterprise Connect platform:
%JDK_HOME%/bin/keytool -importcert -file Oracle_DIVAnet.cer -alias "oracle divanet" -keystore JDK/default/jre/lib/security/cacerts
Verify: Use the following command to verify the import:
%JDK_HOME%/bin/keytool -list -keystore JDK/default/jre/lib/security/cacerts -alias "oracle divanet" -v
At the password prompt, enter the DIVA Enterprise Connect keystore password (by default, changeit).
Enter Y when prompted Trust this certificate?.
Delete the File: %DIVAS_HOME%/Oracle_DIVAnet.cer.
Use the following procedure to configure SSL in WebLogic:
Log into the Weblogic Admin Console, and click Lock and Edit located in the upper-left corner of the screen.
Navigate to Environment, Servers, DivaServices, SSL, and then Advanced.
Set Hostname Verification to None, and set Two Way Cert Behavior to Client Certs Not Requested, and then click Save.
Click Activate Changes at the upper-left corner of the screen.
Execute the following commands to restart the services:
DIVAS stop divaSvcs DIVAS start divaSvcs
On Windows, you can also restart the services from the Microsoft Services Control Manager.
The DIVAnet ManagerAdapter must be running in HTTPS mode (HTTPS is the default). See to the Oracle DIVAnet Installation, Configuration, and Operations Guide in the Oracle DIVAnet documentation library for more information.