1. Administrator's Guide
  2. Integrating Data
  3. Loading Data
  4. Integrating with the EPM Cloud
  5. Configuring the Secure Sockets Layer (SSL) Certificate

Configuring the Secure Sockets Layer (SSL) Certificate

Use the steps in this procedure to configure the SSL certificate for use with Oracle Enterprise Performance Management Cloud. A SSL is an encryption technology that builds an encrypted connection between the web server and the web browser.

Note:

If Oracle Essbase is on a different server other than the Oracle Hyperion Financial Data Quality Management, Enterprise Edition server and you enable SSL, then install/update Essbase client to let the FDMEE contact Essbase.

To configure the SSL Certificate:

  1. Export the SSL certificate for the EPM Cloud site.

    The following example shows download information in a Mozilla Firefox browser.

    Image shows Sign In To Oracle Cloud screen

    1. To download the certificate type in the URL, click the Lock.
    2. Select the site and view the certificate.

      Image shows Page Information screen and Certificate Viewer screen

    3. Click the domain in the hierarchy and save the certificate.
    4. Assign the name pbcs.crt.
  2. Copy the certificate file to your server, and import the certificate to the WebLogic keystore.

    Note:

    The following instructions are for the Demo Key store in Web Logic. If you are using the production data store, modify parameters accordingly
    1. At a command prompt, type: cd C:\Oracle\Middleware\wlserver_10.3\server\lib.
    2. Type: C:\Oracle\Middleware\jdk1.8.0_181\jre\bin\keytool -importcert -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase -file c:/temp/pbcs.crt -alias "pbcs_pod_name"

      Image shows Administrator: Command Prompt

      For the "file," specify the directory and certificate file name.
      For the "alias," specify the appropriate name.
  3. Using the WebLogic Admin Console, modify two WLS SSL settings.
    1. Login to the WebLogic Admin Console.
    2. Select Lock and Edit.
    3. Select Servers, and then ErpIntegrator0.
    4. Select SSL and then expand Advanced.
    5. Enable JSEE SSL.

      WebLogic Server uses an SSL implementation based on Java Secure Socket Extension (JSSE). JSSE is the Java standard framework for SSL and TLS and includes both blocking-IO and non-blocking-IO APIs, and a reference implementation including several commonly-trusted CAs.

      The JSSE-based SSL implementation interoperates over SSL with instances of Weblogic Server version 8.1 and later that use the Certicom SSL implementation. That is, when WebLogic Server with JSSE SSL is used as either an SSL client or as the SSL server, it can communicate via SSL with instances of WebLogic Server (version 8.1 and later) that use the Certicom SSL implementation.

      For more information, see Using the JSSE-Based SSL Implementation: https://docs.oracle.com/middleware/12213/wls/SECMG/ssl_jsse_impl.htm#SECMG494

    6. In Hostname Verification, select Customer Hostname Verifier.
    7. In Custom Hostname Verifier, enter: weblogic.security.utils.SSLWLSWildcardHostnameVerifier.
    8. Save and activate changes.

      Image shows Advanced screen

  4. Restart the FDMEE server.
    For each FDMEE server, you need to perform the steps above.