1. Administration Guide
  2. Appendix: SSL Certificate Management

A Appendix: SSL Certificate Management

This appendix contains additional information related to the configuration of ORBC environments, such as the process for setting up SSL certificates for Production and UAT environments.

All Oracle Cloud Services must be securely accessed by using SSL Certificates. Oracle will accept individual Web Server Certificates or SAN Certificates. The use of wildcard certificates is not permitted.

Domain (URL) Management

The Oracle Brand Compliance service (ORBC) typically requires four internet domains (URLs) to be registered in order to access the service:

  • Production

    Domain 1: URL to access the primary ORBC web portal.

    Domain 2: URL to access the ORBC Reporting portal (this portal is only accessed from within the ORBC web portal).

  • UAT

    Domain 3: URL to access the UAT primary ORBC web portal.

    Domain 4: URL to access the UAT ORBC Reporting portal (this portal is only accessed from within the ORBC web portal).

The above domains are registered and managed by you, the customer.

Domain Mapping Example

Below is an example of how each domain is mapped in a DNS configuration.

There is a Common Name, which will be the primary domain name, such as orbc-customerdomain.com and then sub-domains. Each domain is then mapped to point to the Oracle CNAME record for each of the ORBC web portals.

Domain Mapping Overview for orbc-customerdomain.com

  • Production

    Customer External Domain         Oracle Domain - CNAME Record
www.orbc-customerdomain.com      cou1-orbc-prod.retail.oracleindustry.com
rep.orbc-customerdomain.com      cou1-orbc-prod-rep.retail.oracleindustry.com

  • UAT

    External Domain                Domain - CNAME Record
uat.orbc-customerdomain.com    cou1-orbc-uat.retail.oracleindustry.com
uatrep.orbc-customerdomain.com cou1-orbc-uat-rep.retail.oracleindustry.com

The above is for guidance purposes only; you are free to choose the naming of your domains and the associated configuration.

Procedure Summary

This procedure assumes the use of SAN based SSL certificates.

  1. Ensure your DNS configuration is configured and propagated to the internet.

  2. Provide Oracle with your domain registrant information and the Common Domain name to Oracle. See the required information format below.

  3. Oracle will generate a Certificate Signing Request (CSR) file and will issue it to you, based on the information you provided in Step 2.

  4. You will need to procure the SSL Certificate with your preferred SSL Certificate Authority (CA) vendor.

  5. Ensure you request a SAN SSL Certificate and include all the required subdomains you have registered for the ORBC service to the certificate.

  6. Once you have the CA signed SSL certificate, send the signed SAN Certificate (including any intermediate key chain certs) or URL web address (recommended) to retrieve the SSL, to Oracle.

  7. Oracle will publish the SSL certificate and will inform you when completed.

SSL Information Format Example

Organization Name: Acme UK Ltd.

Organization Unit: Logistics

State: Leicestershire

Locality: Leicester

Country Code: GB

Common Name: orbc-acme-logistics.com

The above information must be completely identical to the registrant information you have registered with your SSL Certificate Authority vendor.