Secure Socket Layer (SSL) for Oracle InForm Adapter
Configure your environment so that the Oracle InForm Adapter feature server is hosted behind a firewall with an appliance such as an F5 load balancer for handling HTTPS and converting to HTTP.
The Oracle InForm web services allow for SSL setup so data that is transported between the client and web services is encrypted (if the Oracle InForm Adapter feature server is not behind an F5 and is accessed directly).
Clients calling the Oracle InForm web service should be configured to send data over SSL using TLS 1.2.
- If you are using CIS, secure the Transaction Adapter and Central Admin web services by running WebConfigFileSelector F5Cert. For this, you must upload an X.509 digital certificate from the CIS system to the personal certificate store on the Oracle InForm Adapter machine.
- If you are using Central Coding, secure the Adapter Admin WCF web service by
running WebConfigFileSelector F5Cert. For this, you must upload an X.509 digital
certificate from the Central Coding system to the personal certificate store on
the Oracle InForm Adapter machine.
You can also secure the Coding and Enhanced Discrepancy web services using digital certificates as described above or you can configure them to use username/password authentication over HTTPS by running WebConfigFileSelector F5. For this, the authentication user account must be active in the Oracle InForm study and the username and password must be stored in the Central Coding system. Change passwords on a regular basis to ensure security.
- If you are using ODM, secure the ODM web service by running WebConfigFileSelector F5Cert. For this, you must upload an X509 digital certificate from your ODM client application to the personal certificate store on the Oracle InForm Adapter application server.
Follow the best practices for configuring IIS. For more information, see the documentation available on the Microsoft TechNet website.
Parent topic: Installation overview