Bookshelf Home | Contents | Index | PDF     

Desktop Integration Siebel Agent Guide > Generating and Deploying DISA Certificate > Setting Up DISA Environments and Generating DISA Certificates >

Enabling DISA for Siebel HTTPS Environment

This configuration is applicable only for a Siebel HTTPS environment in which Transport Layer Security (TSL) protocol is enabled using a self-signed certificate. If you are using recognized CA certificates, this configuration is not required because the configurations are already set in the JVM truststore.

  1. Identify the JVM DISA used.

    DISA uses its bundled JVM in <DISA_INSTALL_DIR>\jre by default. To identify the JVM, refer to Identifying the JVM DISA used on Windows.

  2. Export the X.509 public key certificate file that the Siebel HTTPS environment uses.

    NOTE:  The Administrator responsible for enabling SSL for Siebel can provide the certificate. You can also export the certificate from browsers such as Chrome and Firefox when visiting the Siebel HTTPS environment. For more information, refer to Exporting the certificate from Google Chrome.

    Validate the certificate content before you import and ensure that the Java keytool can parse the certificate and display its content with cmd keytool -v -printcert -file C:\certname.cer.

  3. Import the certificate to the truststore of JVM and do the following:
    1. Run the following command in cmd.exe with Administrator privileges:

    "C:\DISA\jre\bin\keytool.exe" -import -noprompt -trustcacerts -alias testalias -file "C:\certname.cer" -keystore "C:\DISA\jre\lib\security\cacerts" -storepass changeit

    1. Make the following changes in information in the cmd.exe:

    <C:\DISA\jre>: replace the path of the JVM path from step 1

    <testalias>: replace the alias name

    <C:\certname.cer>: replace the path of certificate from step 2

    <changeit>: replace with the trust store password; by default the password is the string "changeit"

  4. Restart DISA to make the updates to truststore take effect.
  5. Refresh or log in to Siebel.

    TIP:   After you enable DISA in the Siebel HTTPS environment, you can use the updated cacerts file (C:\DISA\jre\lib\security\cacerts in the example) across different client machines in which DISA is installed and skip the configuration steps.

Identifying the JVM DISA used on Windows

  1. Open Windows Task Manager.
  2. From View menu option, select Select Columns.
  3. In the Select Process page columns window, select the Image Path Name check box in Windows Task Manager, and click OK.
  4. Run DISA.

    Locate the process javaw.exe or javaw.exe *32 in the Processes tab in the Windows Task Manager and note down the Image Path Name.

Exporting the certificate from Google Chrome

  1. Open the Siebel application using the format: http://<server>.us.oracle.com:<port>/siebel/app/<appname>/<lang>. For example http://slc06wyt.us.oracle.com:16660/siebel/app/callcenter/enu.

    Disregard the security error that may appear and proceed until the Siebel login page displays with an HTTPS URL.

  2. Open Google Chrome Developer Tools.
  3. Select the Security tab.
  4. Click View Certificates. The certificate viewer opens up.
  5. Export the certificate file with the following steps:
    1. Click the Details tab in the Certificate window.
    2. Click the Copy to File... button.
    3. The Certificate Export Wizard opens. Follow the instructions in the wizard.

      1. Select the export file format and click Next.

      2. Click Browse to export the file.

      3. Select the certificate file name in the Save As screen and click Save. The certificate name and path displays in the File to Export screen. Note it down for later use.

      4. Click Finish.

      
Desktop Integration Siebel Agent Guide Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Legal Notices.