Install a certificate to secure communication with the Job Scheduler and Oracle InForm Adapter
On each Oracle Central Coding application server, an administrator must install a certificate for securing
communication with:
- The Job Scheduler service—You select the certificate in the installation wizard and you can replace it after installation using the utility UpdateJSCertificate. For more information, see Replacing the certificate to secure internal communication with the Job Scheduler service.
- Oracle InForm Adapter web services—You select the certificate using the utility PhaseForward.CentralCoding.UpdateIACertificate. For more information, see Selecting a certificate for Oracle Life Sciences InForm Adapter authentication.
The certificate:
- Must be installed to the LOCAL_MACHINE\MY store directory and made usable by the user who runs the ASP.NET worker process (by default, NETWORK SERVICE or IIS AppPool\Central Coding New Pool). You must also grant the NETWORK SERVICE and IIS AppPool\Central Coding New Pool users Full Control rights to the private key for the certificate.
- Must be 2048 bits or higher. This requirement applies to all the certificates in the certification path.
- Must use the SHA256 hashing algorithm. If a SHA1 certificate is used, a warning message appears when theOracle Central Coding application connects to Oracle InForm Adapter.
- To import the certificate:
-
- Open a command prompt window.
- Run the following command:
certutil -f -p <certificate password> -importpfx -csp "Microsoft Enhanced RSA and AES Cryptographic Provider" <full path to the pfx file> NoExport
- To grant the users NETWORK SERVICE and IIS AppPool\Central Coding New Pool full control to the private key of the certificate:
-
- Open the Microsoft Management console:
- Open a Command Prompt window.
- Enter mmc.
- Select File > Add/Remove
Snap-in.
The Add or Remove Snap-ins dialog box appears.
- In the list of available snap-ins, select Certificates.
- Click Add.
The Add dialog box appears.
- Click Computer account.
- Click Next.
- Click Local Computer.
- Click Finish.
- Click OK.
- In the Console Root tree of the Microsoft Management console, select Certificates (Local Computer) > Personal > Certificates.
- Right-click the certificate, and select All Tasks > Manage Private Keys.
- Click Add > Locations, and then select the computer name.
- Give full control rights to the users NETWORK SERVICE and ISS AppPool\Central Coding New Pool.
- Click OK.
- Open the Microsoft Management console:
Parent topic: Preparing the Oracle Central Coding installation