Friday, October 16, 2015
OIM and OIA SSL Setup and keytool and orapki commands
# Import the certificate in filename.pem into the custom JKS keystore under the
# given alias. -trustcacerts lets keytool also consult the JDK's cacerts file
# when it validates the certificate chain.
# When keytool prints the certificate details and asks whether to trust it,
# compare the fingerprint with the value obtained from the issuer before
# answering yes.
# NOTE(review): the /tmp paths look like placeholders; a real keystore belongs
# in a directory that only the server's OS account can read.
keytool -importcert -alias youranyaliasname -trustcacerts -file /tmp/deepak/dubey/filename.pem -keystore /tmp/deepak/dubey/mycustomkeystore.jks
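On the OIM admin console:
Set hostname verification to None. With this setting WebLogic no longer checks that the name in the peer's certificate matches the host it connected to, so a certificate whose CN/SAN matches the real hostname, with verification left enabled, is the stronger setup outside of test environments.
Update xlconfig.xml to use t3s and the SSL port.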
Copy the 3 jar files (these notes name only two of them):
webservices+ssl.jar
jcryptoj.jar
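Change the keystores in the OIA WebLogic domain from the demo keystores to OIM's custom keystores. The demo keystores ship with every WebLogic install and their private key is publicly known, so they should not stay in place once SSL is in real use.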
OHS to OIM proxy configuration (mod_wl_ohs.conf):
# mod_wl_ohs proxy rule: requests under /identity are handed to the WebLogic
# plug-in and forwarded to the OIM server at WebLogicHost:WebLogicPort.
<Location /identity>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost deepak.dubey.com
WebLogicPort 14001
# Debug ALL is the most verbose plug-in logging level. NOTE(review): it is
# meant for troubleshooting and can write request and response details to the
# plug-in log, so consider switching it off once the SSL setup works.
Debug ALL
# SecureProxy ON makes the plug-in use SSL for its connection to WebLogic; the
# wallet below supplies the certificates it trusts for that connection.
SecureProxy ON
WlSSLWallet "/tmp/deepak/dubey/wallets/ohs_proxy_ssl_wallet"
WLIOTimeoutSecs 600
Idempotent OFF
WLSRequest ON
WLProxySSL ON
# NOTE(review): WLProxySSLPassThrough ON is intended for deployments where an
# SSL-terminating front end (e.g. a load balancer) sets the WL-Proxy-SSL
# header; confirm that the front end overwrites any client-supplied value of
# that header before relying on it.
WLProxySSLPassThrough ON
</Location>
Change ssl.conf to point at the OHS wallet:
SSLWallet "/tmp/deepak/dubey/wallets/ohswallet"
# Build the two Oracle wallets used by OHS: "ohswallet" (the server identity
# referenced by SSLWallet in ssl.conf) and "ohs_proxy_ssl_wallet" (the trust
# store referenced by WlSSLWallet in mod_wl_ohs.conf).
#
# -auto_login_only creates a wallet with no password (cwallet.sso only), so
# file-system permissions are the only thing protecting its contents.
# NOTE(review): the /tmp paths look like placeholders; /tmp is shared between
# users and may be cleared on reboot, so a real wallet should live in a
# directory readable only by the OHS OS account.

# Server wallet: create it, then add a self-signed certificate for CN=hostname
# with a 2048-bit key and a validity of 3650 days (about ten years).
./orapki wallet create -wallet /tmp/deepak/dubey/wallets/ohswallet -auto_login_only
./orapki wallet add -wallet /tmp/deepak/dubey/wallets/ohswallet -dn CN=hostname -keysize 2048 -self_signed -validity 3650 -auto_login_only

# Proxy wallet: create it, then add the certificates OHS should trust when it
# connects to WebLogic over SSL. Presumably RootCA.txt and
# HostNameSelfSigned.txt are the certificates exported from the OIM keystores
# -- verify their fingerprints before adding them as trusted.
./orapki wallet create -wallet /tmp/deepak/dubey/wallets/ohs_proxy_ssl_wallet -auto_login_only
./orapki wallet add -wallet /tmp/deepak/dubey/wallets/ohs_proxy_ssl_wallet -trusted_cert -cert RootCA.txt -auto_login_only
./orapki wallet add -wallet /tmp/deepak/dubey/wallets/ohs_proxy_ssl_wallet -trusted_cert -cert HostNameSelfSigned.txt -auto_login_only
# Import OIM-Server.cert into the application trust keystore under alias OHS.
# NOTE(review): the alias says OHS while the file is named OIM-Server.cert --
# confirm which side's certificate this is meant to be.
keytool -importcert -alias OHS -file OIM-Server.cert -keystore /tmp/deepak/dubey/config/keystores/appTrustKeyStore-hostname.jks
# Export certificates from the identity and trust keystores in PEM form (-rfc).
# Only the certificate is written to the output file, not the private key.
# NOTE(review): these two commands use "config/KeyStores" while the import
# above uses "config/keystores"; on a case-sensitive file system those are
# different directories -- confirm which one is correct.
keytool -export -alias myAliasName -file /tmp/deepak/dubey/myAliasName.txt -keystore /tmp/deepak/dubey/config/KeyStores/appIdentityKeyStore.jks -rfc
keytool -export -alias RootCA -file /tmp/deepak/dubey/RootCA.txt -keystore /tmp/deepak/dubey/config/KeyStores/appTrustKeyStore-hostname.jks -rfc