Learn how to upgrade and patch App Gateway.
When an App Gateway release is available in the Oracle Identity Cloud Service Downloads page, you can execute the following procedure to upgrade your App Gateway server with the latest release.
If you are perfomring a patch upgrade, the App Gateway patch will be installed when you run the script. You don't need to download patch releases from the downloads page.
Note:The following applies only to App Gateway version 19.3.3 onwards. If you are running App Gateway version 19.2.1, then download and install a new App Gateway 19.3.3 (or newer version) server and replace the old-version server with this new-version server.
App Gateway versioning uses the following convention:
<release version>-<major version>.<minor version>.<build number>. For example, App Gateway version
19.3.3-1.0.1, means release
19.3.3, major version
1, minor version
0, and patch version
If you have multiple App Gateway instances, then repeat the following procedure for each App Gateway server.
- Use a SSH client such as
PuTTYto log in to the App Gateway server.
cd /scratch/oracle/cloudgate, and verify two information in this folder:
In the command prompt, execute the following command
cat /scratch/oracle/cloudgate/INSTALLED_VERSIONto verify the version of the App Gateway.The following example shows that the version of the App Gateway is
$ cd /scratch/oracle/cloudgate $ cat INSTALLED_VERSION OVA Base Version: 19.3.3-1.0.0 OVA Patch Version: Cloud Gate Version: 19.3.3-1910012252
Run the following command
ls -laand verify that the
homefolder links to the folder named the App Gateway version:The following example shows that the
homefolder is linked to the
$ cd /scratch/oracle/cloudgate $ ls -la total 16 drwx------. 6 oracle oracle 4096 Oct 2 00:23 19.3.3-1.0.0 lrwxrwxrwx. 1 oracle oracle 38 Oct 2 01:38 home -> /scratch/oracle/cloudgate/19.3.3-1.0.0 -rw-------. 1 oracle oracle 89 Oct 2 01:38 INSTALLED_VERSION drwx------. 3 oracle oracle 4096 Oct 2 01:38 ova drwxr-x---. 2 oracle oracle 4096 Oct 7 09:45 wallet
cd /scratch/oracle/cloudgate/home/bin, and then
./cg-upgradeto start the upgrade process.During the upgrade process, App Gateway contacts Oracle Identity Cloud Service to verify if a patch for your App Gateway is available. If so, then the process downloads the patch and applies the patch to your App Gateway server.
- After the upgrade process finishes, execute the commands described in step 2 and verify whether their return refers to the App Gateway patch or the upgraded version.
- Optional: Configure App Gateway in SSL mode. If you ran the
cg-upgradescript, and App Gateway was configured in non-SSL mode, then after running the
cg-upgradescript, complete the following steps. Note: If App Gateway was already configured in SSL mode, then don't complete the following steps.
Now the application can be accessed only through the HTTPS protocol and not the HTTP protocol.
- Get the SSL certificates.
- Log in to App Gateway and copy the certificates, for example, to
- Log in to the Oracle Identity Cloud Service Admin console, navigate to App Gateway, Hosts, and then open the required host and select Enable SSL.
- Navigate to App Gateway, Hosts, and then open the required host, navigate to Additional Properties and then add the path of the certificates and other information, such as
ssl_certificate /scratch/certificates/myappgateway.example.com.cert; ssl_certificate_key /scratch/certificates/myappgateway.example.com.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5;
/usr/local/nginx/conf/cloudgate.config, search for
callbackPrefixand change its value from
- Execute the following commands so that you can see all changes reflected in App Gateway: