- Administrator's Guide
- Integrating Data
- Loading Data
- Integrating with the EPM Cloud
- Configuring the Secure Sockets Layer (SSL) Certificate
Configuring the Secure Sockets Layer (SSL) Certificate
Note:
If Oracle Essbase is on a different server other than the Oracle Hyperion Financial Data Quality Management, Enterprise Edition server and you enable SSL, then install/update Essbase client to let the FDMEE contact Essbase.To configure the SSL Certificate:
-
Export the SSL certificate for the EPM Cloud site.
The following example shows download information in a Mozilla Firefox browser.
- To download the certificate type in the URL, click the Lock.
-
Select the site and view the certificate.
- Click the domain in the hierarchy and save the certificate.
- Assign the name pbcs.crt.
-
Copy the certificate file to your server, and import the certificate to the WebLogic keystore.
Note:
The following instructions are for the Demo Key store in Web Logic. If you are using the production data store, modify parameters accordingly- At a command prompt, type: cd C:\Oracle\Middleware\wlserver_10.3\server\lib.
-
Type: C:\Oracle\Middleware\jdk1.8.0_181\jre\bin\keytool
-importcert -keystore DemoTrust.jks -storepass
DemoTrustKeyStorePassPhrase -file c:/temp/pbcs.crt -alias
"pbcs_pod_name"
For the "file," specify the directory and certificate file name.For the "alias," specify the appropriate name.
-
Using the WebLogic Admin Console, modify two WLS SSL settings.
- Login to the WebLogic Admin Console.
- Select Lock and Edit.
- Select Servers, and then ErpIntegrator0.
- Select SSL and then expand Advanced.
-
Enable JSEE SSL.
WebLogic Server uses an SSL implementation based on Java Secure Socket Extension (JSSE). JSSE is the Java standard framework for SSL and TLS and includes both blocking-IO and non-blocking-IO APIs, and a reference implementation including several commonly-trusted CAs.
The JSSE-based SSL implementation interoperates over SSL with instances of Weblogic Server version 8.1 and later that use the Certicom SSL implementation. That is, when WebLogic Server with JSSE SSL is used as either an SSL client or as the SSL server, it can communicate via SSL with instances of WebLogic Server (version 8.1 and later) that use the Certicom SSL implementation.
For more information, see Using the JSSE-Based SSL Implementation: https://docs.oracle.com/middleware/12213/wls/SECMG/ssl_jsse_impl.htm#SECMG494
- In Hostname Verification, select Customer Hostname Verifier.
- In Custom Hostname Verifier, enter: weblogic.security.utils.SSLWLSWildcardHostnameVerifier.
-
Save and activate changes.
-
Restart the FDMEE server.
For each FDMEE server, you need to perform the steps above.