C Migrating Security Certificates when Using Secure LDAP

From 12c (12.2.1.3.0) onwards, the IBM LDAP client libraries used in previous versions of the product have been replaced with Oracle LDAP libraries. If you are using secure LDAP in your Oracle BI deployment, you need to create an Oracle wallet to manage your security credentials, and migrate your existing CA certificate to the wallet.

To check whether you are using secure LDAP:
  1. On the Oracle BI Administration Tool, click Manage and then Identity to open the Identity Manager.
  2. On the Identity Manager window, click Directory Servers on the left pane.
    The right pane displays the available LDAP objects.
  3. Select and open the LDAP object to open the LDAP Server dialog.
  4. On the LDAP Server dialog, click Advanced.
    If the SSL option is selected, then secure LDAP is in use.
If you are using secure LDAP, then you must first create an Oracle wallet and then specify the Oracle wallet directory on the Repository tab using the Oracle BI Administration Tool.

Creating an Oracle Wallet

To create an Oracle Wallet:
  1. Export the CA certificate from the key database file using the IBM key management utility (iKeyman) and save it in a .kdb file.
  2. Run the Oracle Wallet Manager.
  3. Create a new wallet and specify a password.
  4. From the Operations window, click Import Trusted Certificate.
  5. On the Import Trusted Certificate dialog, select the Select a file that contains the certificate option and click OK.
  6. Browse and select the file that you exported in step 1.
  7. Save the wallet and note its location.

Specifying the Wallet Directory

To specify the Oracle wallet directory:
  1. In the Oracle BI Administration Tool, click Tools.
  2. In the Options dialog, select the Repository tab.
  3. In the Wallet directory field, specify the location of the Oracle wallet that you created.
  4. Specify and confirm the password for this wallet and click OK.