2/26/10

SSL-enable Shared Services

1 Optional: If the CA root certificate you are using is not from a default trusted third-party CA, import the CA root certificate into the cacerts of the JVM. cacerts is in the /lib/security directory within the JRE install directory.

Ensure that you load the CA root certificate into all JREs used by EPM System (application server,EPM System applications, HTTP servers, LDAP servers, etc.). The typical location of the JVM:
l Oracle Application Server: ORACLE_AS_HOME/jdk/jre/lib/security
l WebLogic (you must import CA root certificate into both jRockit and SUN JVMs):
. jRockit: BEA_HOME/jrockitversion_number/jre/lib/security/cacerts
. SUN: BEA_HOME/jdkversion_number/jre/lib/security/cacerts
where version_number identifies the JRE version.
---------------------
To SSL-enable Shared Services on WebLogic:


1 Log on to WebLogic Administration Console.
2 Select Servers > Shared Services (admin).
3 From General, select SSL Listen Port Enabled.
4 Specify the port (for example, 28083) on which Shared Services listens for SSL communication.
5 From Keystore, set up the identity and trust keystore.
If you are not using a root certificate from a trusted third-party CA, verify that your root CA certificate is loaded into the trust keystore and that the server certificate is loaded into your identity keystore.
6 From SSL, set up the key alias, certificate location, and pass phrase.
7 Optional: Click Advanced and set Hostname Verification value to None.