4.6 Configuring SSL

Configure SSL to secure data communication between Oracle Identity Governance and the SAP Fieldglass target system.

Note:

If you are using this connector along with a Connector Server, then there is no need to configure SSL. You can skip this section.

To configure SSL:

1. Obtain the SSL public key certificate of SAP Fieldglass.
2. Copy the public key certificate of SAP Fieldglass to the computer hosting Oracle Identity Governance.
3. Run the following keytool command to import the public key certificate into the identity key store in Oracle Identity Governance:

   keytool -import -alias ALIAS -trustcacerts -file CERT_FILE_NAME -keystore KEYSTORE_NAME -storepass PASSWORD

In this command:

• ALIAS is the public key certificate alias.
• CERT_FILE_NAME is the full path and name of the certificate store (the default is cacerts).
• KEYSTORE_NAME is the name of the keystore.
• PASSWORD is the password of the keystore.

The following are sample values for this command:

keytool -import -keystore <JAVA_HOME>/jre/lib/security/cacerts -file <Cert_Location>/SAPFieldGlass.crt -storepass changeit -alias FieldGlass _1

keytool -import -keystore <WL_HOME>/server/lib/DemoTrust.jks -file <Cert_Location>/SAPFieldGlass.crt -storepass DemoTrustKeyStorePassPhrase -alias FieldGlass_2

Note:

• Change the parameter values passed to the keytool command according to your requirements. Ensure that there is no line break in the keytool arguments.
• Ensure that the system date for Oracle Identity Governance is in sync with the validity date of the SSL certificate to avoid any errors during SSL communication.