4.6 Configuring SSL

Configure SSL to secure data communication between Oracle Identity Governance and the Azure AD and SharePoint Online target systems.

Note:

If you are using this connector along with a Connector Server, then there is no need to configure SSL. You can skip this section.

To configure SSL:
  1. Obtain the SSL public key certificate of Azure AD and SharePoint Online.
  2. Copy the public key certificate of Azure AD and SharePoint Online to the computer hosting Oracle Identity Governance.
  3. Run the following keytool command to import the public key certificate into the identity key store in Oracle Identity Governance:
    keytool -import -alias ALIAS -trustcacerts -file CERT_FILE_NAME -keystore KEYSTORE_NAME -storepass PASSWORD
    In this command:
    • ALIAS is the public key certificate alias.

    • CERT_FILE_NAME is the full path and name of the certificate store (the default is cacerts).

    • KEYSTORE_NAME is the name of the keystore.

    • PASSWORD is the password of the keystore.

    The following are sample values for this command:

    • keytool -import -alias serverwl -trustcacerts -file supportcert.pem -keystore client_store.jks -storepass weblogic1

    • keytool -import -keystore <JAVA_HOME>/jre/lib/security/cacerts -file <Cert_Location>/BaltimoreCyberTrustRoot.crt -storepass changeit -alias BaltimoreCyberTrustRoot_1

      keytool -import -keystore <JAVA_HOME>/jre/lib/security/cacerts -file <Cert_Location>/MicrosoftITTLSCA1.crt -storepass changeit -alias MicrosoftITTLSCA1_1

    • keytool -import -keystore <WL_HOME>/server/lib/DemoTrust.jks -file <Cert_Location>/BaltimoreCyberTrustRoot.crt -storepass DemoTrustKeyStorePassPhrase -alias BaltimoreCyberTrustRoot_1

      keytool -import -keystore <WL_HOME>/server/lib/DemoTrust.jks -file <Cert_Location>/MicrosoftITTLSCA1.crt -storepass DemoTrustKeyStorePassPhrase -alias MicrosoftITTLSCA1_1

    Note:

    • Change the parameter values passed to the keytool command according to your requirements. Ensure that there is no line break in the keytool arguments.

    • Ensure that the system date for Oracle Identity Governance falls within the validity period of the SSL certificate to avoid errors during SSL communication.
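
A pre-import check for step 3, as an added example that is not part of the Oracle documentation: it confirms that the certificate is unexpired against the local clock and matches a SHA-256 fingerprint obtained out of band, then imports it and lists the new entry. The function names, the KS_PASS environment variable and the one-day expiry margin are assumptions; -storepass:env is used so that the keystore password does not appear in the process list.

```shell
#!/bin/sh
# Added example: verify a CA certificate before trusting it, then import it.
# Usage (assumed): KS_PASS=... sh import_cert.sh ALIAS CERT_FILE KEYSTORE EXPECTED_SHA256

# Succeeds only if CERT_FILE parses as X.509 and will not expire within
# MIN_SECONDS of the local system time (expiry side of the validity period).
cert_valid_for() {   # cert_valid_for CERT_FILE MIN_SECONDS
    openssl x509 -in "$1" -noout -checkend "$2" >/dev/null 2>&1
}

# Prints the certificate's SHA-256 fingerprint as lowercase hex without colons.
cert_sha256() {      # cert_sha256 CERT_FILE
    openssl x509 -in "$1" -noout -fingerprint -sha256 |
        sed 's/^.*=//' | tr -d ':' | tr 'A-F' 'a-f'
}

import_trusted_cert() {   # import_trusted_cert ALIAS CERT_FILE KEYSTORE EXPECTED_SHA256
    alias_name=$1 cert=$2 keystore=$3
    # Accept the expected fingerprint with or without colons, in either case.
    expected=$(printf '%s' "$4" | tr -d ':' | tr 'A-F' 'a-f')

    # One-day margin (assumption): reject certificates about to expire.
    if ! cert_valid_for "$cert" 86400; then
        echo "unreadable, expired, or expiring within a day: $cert" >&2
        return 1
    fi

    # Compare against a fingerprint obtained separately from the file itself.
    actual=$(cert_sha256 "$cert")
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch for $cert: got $actual" >&2
        return 1
    fi

    # Same import as in step 3; the password is read from the KS_PASS variable.
    keytool -import -noprompt -trustcacerts -alias "$alias_name" \
        -file "$cert" -keystore "$keystore" -storepass:env KS_PASS || return 1

    # Confirm the entry is now present under the chosen alias.
    keytool -list -alias "$alias_name" -keystore "$keystore" -storepass:env KS_PASS
}

# Run only when called with the four arguments described above.
if [ "$#" -eq 4 ]; then
    import_trusted_cert "$@"
fi
```

Run the check once for each certificate being imported, with the same keystore path and alias that you pass to keytool in step 3.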