Configuring SSL for Workstation Listener and Jolt Listener

SSL encryption establishes data privacy for messages moving between the machines in an application. The industry-standard TLS 1.0 protocol is used for SSL encryption. You can use 56-bit, 128-bit, or 256-bit SSL ciphers.

Before you can configure SSL on Workstation Listener or Jolt Listener, you should be familiar with the SSL min and max notation. The defaults for these parameters are:

  • For min: 0.

  • For max: Number of bits that indicates the highest level of encryption possible for the installed SSL version. For example, 56, 128, or 256.

    You can change the default values and assign new values to min and max in the psappsrv.cfg file for your application server.

To configure SSL for Workstation Listener and Jolt Listener, you should make changes in:

  • PSADMIN.

  • Configuration Manager.

  • PIA.

In PSADMIN, to configure SSL on Workstation Listener and Jolt Listener, follow these steps to provide the SSL port:

  1. Select option 4 - domain configuration.

  2. Select option 27 - WSL SSL Port to provide SSL port for Workstation client configuration.

  3. Select option 29 - JSL SSL Port to provide SSL port for Jolt configuration.

Additionally, you should provide wallet information in the Oracle Wallet section.

Note: Use the default values if you are not using your own wallet.

  1. Select option 15 - custom configuration.

  2. In the Oracle Wallet section, enter:

    1. Wallet location.

    2. Wallet name.

    3. Wallet password.

For example:

#Values for config section - Oracle Wallet
SEC_PRINCIPAL_LOCATION=%PS_SERVDIR%\security
SEC_PRINCIPAL_NAME=psft
SEC_PRINCIPAL_PASSWORD=password

These are the default values.

To configure SSL on Workstation Listener, you must specify Workstation wallet information on the Profile tab of Configuration Manager.

  1. Open Configuration Manager (pscfg.exe).

  2. Select the Profile tab, and edit the user profile.

  3. On the Database/Application Server tab, select a server of type Application Server or configure a server of type Application Server.

  4. In the Port Number field, enter the SSL port specified for WSL (as specified on PSADMIN).

  5. In the Wallet Location field, enter the location of the Oracle Wallet for client. The default value is <PS_HOME>/bin/client/winx86/security.

  6. In the Wallet Name field, enter the name of the Oracle wallet for client. The default value is wscpsft.

See Configuring User Profiles.

To configure SSL for Jolt Listener, set SSL port in PIA configuration.

  1. Edit the configuration.properties file (<PIA_HOME>\webserv\<DOMAIN_NAME>\applications\peoplesoft\PORTAL.war\WEB_INF\psftdocs\<SITE_NAME>).

  2. Enter the SSL port for psserver.

    psserver=<machine_name>:<SSL_port_for_JSL>

  3. Enter the Java Keystore password.

    #Keystore password for ssl connection
KeyStorePwd=encrypted_password