1. Security Administration Guide
  2. Configuring Oracle HTTP Server for the EnterpriseOne HTML Server with SSL Ports

Configuring Oracle HTTP Server for the EnterpriseOne HTML Server with SSL Ports

To achieve end-to-end secured communication from OHS to JDE E1 web client:

  1. Enable SSL listen port of WebLogic managed server on which the application resides:

    1. Create a new key store to generate CA certificate.

    2. Export a certificate signing request (CSR), download and install a CA certificate along with the chain certificates into the key store created.

    3. Configure the identity and trust key stores for the WebLogic server.

  2. Enable SSL communication on OHS:

    1. Create a new wallet for OHS.

    2. Generate a private key, export a certificate signing request (CSR), and download and install a CA certificate along with the chain certificates into the key store created.

    3. Ensure that the ssl.conf file has HTTPS port enabled. By default, 4443 is enabled.

    4. Import the SSL chain certificates of the web application as trusted certificates in the OHS wallet.

  3. Import SSL certificates of OHS as trusted certificates in the WLS key store.

  4. Import SSL certificates of OHS as trusted certificates in the Java Standard Trust key store.

  5. After configuring the key store for the WebLogic managed server where HTML is deployed, select the corresponding managed server from the Weblogic Admin Console and Restart SSL.

  6. After configuring key store and wallet, follow these steps to configure the mod_wl_ohs.conf file:

    1. Navigate to the mod_wl_ohs.conf file located at <MW_Home>/user_projects/domain/<oamdomain>/config/fmwconfig/components/OHS/instances/<ohs_instance_name>/.

    2. Edit the mod_wl_ohs.conf file.

      i. Add a location section:

      <Location/jde> <-- EnterpriseOne Context
SetHandler weblogic-handler
WebLogicHost myserver.com
WebLogicPort 9003  <-- EnterpriseOne HTTPS Port
Debug ALL
SecureProxy ON
WlSSLWallet "OHS_wallet_location" <-- Wallet created in step 2
</Location>
    Note: Ensure that the ssl.conf file has the HTTPS port enabled. By default, the 4443 is enabled. This will be the SSO port.

  7. Restart the HTTP server.

    1. Change the directory to <MW_Home>/user_projects/domain/<oamdomain>/bin.

    2. Run ./stopComponent <ohs_instance_name>

    3. Run ./startComponent <ohs_instance_name>