B Configuring Oracle HTTP Server as Proxy
Oracle HTTP Server (OHS) can be used as a proxy server for UIM. It can be installed in the collocated mode or standalone mode. Oracle recommends you to install in the standalone mode and this document includes the steps for the standalone mode.
Directory and Placeholders Used
The following table shows the directory and place holders used in this document.
Table B-1 Directory Placeholders Used
| Placeholder | Directory Description |
|---|---|
| Oracle_Home | The home directory where OHS is installed. |
| OHS_Domain |
The location where domain is created. The default location is <Oracle_Home>/user_projects/domains/<OHS_DomainName>, where <OHS_DomainName> is the name of the OHS domain. |
| OHS_Component | The component directory that is created during domain creation. |
| Wallet_Path |
The directory where Oracle Wallet is created. The default path is <Oracle_Home>/sohsfmw/user_projects/domains/<OHS_DomainName>/config/fmwconfig/components/OHS/instances/<OHS_Component>/keystores/<Wallet_Name>, where Wallet_Name is the name of Oracle wallet. |
Configuring OHS
To configure OHS when installed in the standalone mode:
- Download and install Oracle HTTP Server 14.1.2. For more information on
installing OHS, see the OHS installation documentation: https://docs.oracle.com/en/middleware/fusion-middleware/14.1.2/wtins/product-installation.html
Note:
For information on OHS system requirements and specifications, see https://docs.oracle.com/en/middleware/fusion-middleware/14.1.2/sysrs/system-requirements-and-specifications.html. - Once OHS is successfully installed, go to
<Oracle_Home>/oracle_common/common/bin and run
config.shto create a domain. - After the domain is created, start the node manager. If the node
manager port conflicts with the node manager port of WebLogic domain, change the
node manager port of OHS using WLST. Start the node manager using the following
command:
./startNodeManager.shYou can locate this file in your <OHS_Domain>/bin directory.
-
Once the node manager is up, start your OHS component using the following command and provide the node manager password when prompted:
./startComponent.sh <ComponentName>You can locate this file in your <OHS_Domain>/bin directory.
-
Try accessing your OHS URL to verify that the OHS server is up:
http://<OHS_HostName>:<OHS_NonSSLPort>orhttps://<OHS_HostName>:<OHS_SSLPort>The OHS Welcome page appears.
Changing Node Manager Port
To change the node manager port, go to <Oracle_Home>/oracle_common/common/bin
and run ./wlst.sh:
[uimqa@orchlinux9-6 bin]$ ./wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> readDomain('<Oracle_Home>/user_projects/domains/<OHS_DomainName>')
wls:/offline/ohsop80idp4>cd('Machine')
wls:/offline/ohsop80idp4/Machine>cd('localmachine')
wls:/offline/ohsop80idp4/Machine/localmachine>cd('NodeManager')
wls:/offline/ohsop80idp4/Machine/localmachine/NodeManager>cd('localmachine')
wls:/offline/ohsop80idp4/Machine/localmachine/NodeManager/localmachine>ls()
-rw- Adapter null
-rw- AdapterName null
-rw- AdapterVersion null
-rw- DebugEnabled false
-rw- Id 0
-rw- InstalledVMMAdapter
-rw- ListenAddress localhost
-rw- ListenPort 5556
-rw- NMSocketCreateTimeoutInMillis 15000
-rw- NMType null
-rw- Name localmachine
-rw- NodeManagerHome null
-rw- Notes null
-rw- PasswordEncrypted ********
-rw- ShellCommand null
-rw- Tag
-rw- UserName null
wls:/offline/ohsop80idp4/Machine/localmachine/NodeManager/localmachine>set('ListenPort',5555)
wls:/offline/ohsop80idp4/Machine/localmachine/NodeManager/localmachine>updateDomain()
wls:/offline/ohsop80idp4/Machine/localmachine/NodeManager/localmachine>closeDomain()
wls:/offline>exit()
Exiting WebLogic Scripting Tool.
Updating the mod_wl_ohs.conf File
You must edit the mod_wl_ohs.conf file to enable the OracleHTTP Server instance to forward requests to the applications deployed on the Oracle WebLogic Server or clusters.
To update the mod_wl_ohs.conf file:
- Navigate to <OHS_Domain>/config/fmwconfig/components/OHS/instances/<OHS_component> and open mod_wl_ohs.conf.
- Add directives as follows:
- To forward requests to the UIM application running on a single Oracle
WebLogic Server instance, specify
/Inventorywithin the<location>element as follows:<Location /Inventory> SetHandler weblogic-handler WebLogicHost host WebLogicPort port </Location>Where:
hostis the name of the WebLogic Administration server machine.portis the port of the server on which UIM is installed.
- To forward requests to the UIM application running on a cluster of Oracle
WebLogic Server instances, specify
/Inventorywithin a new<location>element as follows:<Location /InventoryWS> SetHandler weblogic-handler WebLogicHost host WebLogicPort port </Location>Where:
host1andhost2are the names of the WebLogic Administration server machines.port1andport2are the ports of the managed servers.
- To forward requests to the UIM Webservices running on a single Oracle
WebLogic Server instance, specify
/InventoryWSwithin a new<location>element as follows:<Location /InventoryWS> SetHandler weblogic-handler WebLogicHost host WebLogicPort port </Location>Where:
hostis the name of the WebLogic Administration server machine.portis the port of the server on which UIM is installed.
- To forward requests to the UIM application running on a single Oracle
WebLogic Server instance into which you want to deploy cartridges, specify
/InventoryWSwithin a new<location>element as follows:<Location /cartridge> SetHandler weblogic-handler WebLogicHost host WebLogicPort port </Location>Where:
hostis the name of the WebLogic Administration server machine.portis the port of the server on which UIM is installed.
- Similary, specify
/emwithin the<location>element to access em console.<Location /cartridge> SetHandler weblogic-handler WebLogicHost host WebLogicPort port </Location>Where:
hostis the name of the WebLogic Administration server machine.portis the port of the server on which UIM is installed.
- To forward requests to the UIM application running on a single Oracle
WebLogic Server instance, specify
Configuring SSL for OHS
Prerequisite: The custom certificate and corresponding keystore should be generated for UIM.
To configure SSL for OHS:
- Go to the path <OHS_Domain>/
config/fmwconfig/components/OHS/instances/<Component> /keystores/ and
create Oracle wallet for OHS as
follows:
./orapki wallet create -wallet <Wallet_Name> -auto_login_only ./orapki wallet add -wallet <Wallet_Name> -trusted_cert -cert <CERT_FILE> -auto_login_onlyThe wallet is created.
- Add keystore to the wallet as
follows:
./orapki wallet jks_to_pkcs12 -wallet <Wallet_Name> -keystore <Keystore file> -jkspwd <Password> - Go to <Oracle_Home>/user_projects/domains/<OHS _Domain>/config/fmwconfig/components/OHS/instances/<OHS_Component> and edit ssl.conf file. Search for Path to the wallet and update it with the created wallet path.
- Update mod_wl_ohs.conf file, located at
<Oracle_Home>/user_projects/domains/<OHS
Domain>/config/fmwconfig/components/OHS/instances/<OHS component> with
created wallet as follows:
<IfModule weblogic_module> WLSSLWallet “<Wallet_Path>” </IfModule> SSL ports of managed servers should be mentioned for WeblogicCluster and add SecureProxy ON and WLProxySSLPassThrough ON parameters in <Location/>. Example: <Location /Inventory> SetHandler weblogic-handler WebLogicCluster <Host1>:<MS1_SSL_Port>,<Host2>:<MS2_SSL_Port> Debug ALL DebugConfigInfo ON SecureProxy ON WLProxySSLPassThrough ON </Location> - Enable the WebLogic plugin for Admin Server and Managed Servers.
- In the WebLogic console, update the front-end host and HTTPS port with OHS host and port.
- To configure the SSL Policy or Certificate in WebLogic Console, follow the instructions mentioned in System Administrator’s Guide.