How to enable SSL for policy service?

Hi all,
My application is using SunONE's C API to communicate with the Identity Server.
In order to enable SSL, I have changed the following lines in amconfig.properties:
com.sun.am.namingURL = https://id01.core.development.net:443/amserver/namingservice
com.sun.am.policy.am.loginURL = https://id01.core.development.net:443/amserver/UI/Login
com.sun.am.policy.am.library.loginURL = https://id01.core.development.net:443/amserver/UI/Login
After operating these changes, everything continued to work fine...but then, I checked with a network sniffer what data is being sent to IS:
- The login and naming data were over SSL
- Policy and session items were plain HTTP
My questions are:
1. How to enable SSL for policy evaluation requests?
2. How to enable SSL for sessionservice requests?
3. What are the changes required on the server/client?
Many thanks,
Dan

There might a better different forum for this question.

Similar Messages

  • Enabling SSL for Oracle Enterprise Manager 10.1.3.1 is Failing!!!

    Hi All,
    I have followed the steps described in
    http://download-uk.oracle.com/docs/cd/B31017_01//core.1013/b28940/em_app.htm#BABCEEAH.
    However when I am trying to start the application server using 'opmnctl startall' the server is not starting and some timeout is getting generated in the log file.
    Is it that enabling SSL will only make the EM console secured? Then how to enable SSL for other soa components like - BPEL,ESB,OWSM? Are there any documentations available?
    Also please let me know how can I enable SSL for Oracle Application server console?
    Please any advice will be appreciated. I am in the middle of a project delivery.
    Thanks

    Hi,
    Let me first highlight the installation that I have done. I have installed SOA components with 'basic installation' mode.
    The log file under <ORACLE_SOA_HOME>/opmn/config/ has generated the following stack:-
    08/07/25 11:03:34 Start process
    08/07/25 11:03:37 WARNING: XMLApplicationServerConfig.overwriteSiteConfigPort Port assignment is ignored: web-site not found in the server OC4JServiceInfo id: default-web-site protocol: http hostname: null port: 8890 description: null
    08/07/25 11:03:37 WARNING: XMLApplicationServerConfig.overwriteSiteConfigPort Port assignment is ignored: web-site not found in the server OC4JServiceInfo id: secure-web-site protocol: https hostname: null port: 1156 description: null
    08/07/25 11:03:47 log4j:WARN No appenders could be found for logger (wsif).
    08/07/25 11:03:47 log4j:WARN Please initialize the log4j system properly.
    08/07/25 11:03:53 WARNING: OC4J Service: ascontrol-web-site with protocol: https and port: 1156 was not declared in opmn.xml
    08/07/25 11:03:53 Oracle Containers for J2EE 10g (10.1.3.1.0) initialized
    08/07/25 11:03:53 WARNING: OC4J will not send ONS ProcReadyPort messages to opmn for service: OC4JServiceInfo id: default-web-site protocol: http hostname: null port: 8890 description: null
    08/07/25 11:03:53 default-web-site hostname was null
    08/07/25 11:03:53 WARNING: OC4J will not send ONS ProcReadyPort messages to opmn for service: OC4JServiceInfo id: secure-web-site protocol: https hostname: null port: 1156 description: null
    08/07/25 11:03:53 secure-web-site hostname was null
    On the command prompt I am getting the following error:-
    opmn id=CALTP8BB32:6203
    0 of 1 processes started.
    ias-instance id=home.CALTP8BB32.cts.com
    +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    ias-component/process-type/process-set:
    default_group/home/default_group/
    Error
    --> Process (index=1,uid=301928631,pid=2944)
    failed to start a managed process after the maximum retry limit
    Log:
    D:\product\SOASuite\opmn\logs\\default_group~home~default_group~1.log
    --------------------------------------------------------------+---------
    ias-component | process-type | pid | status
    --------------------------------------------------------------+---------
    OC4JGroup:default_group | OC4J:home | N/A | Down
    ASG | ASG | N/A | Down
    Please let me know where am I going wrong?
    Thanks,
    Mandrita.

  • Enable SSL for URL context

    I'm unsuccessful in my attempts to find documentation that details how to enable SSL for URL (context) in Apache. I currently have https secured communication enabled between clients and the oracle http server, but i would like to also extend this security to individual app components like the OWSM control, gateway, policy manager, etc. Please help if you know how to setup SSL for URL in Apache.
    Thanks in advance.

    Pl see if this MOS Doc can help
    How To Configure SSL For Discoverer 11g [ID 1359491.1]
    HTH
    Srini

  • Enable SSL for SQL used by ConfigMgr

    Hello guys,
    My DBA has decided to enable SSL encryption for an instance of SQL Server that is in use by our ConfigMgr.
    some background setup: Windows 2008 R2, SQL Server 2008, ConfigMgr 2007 R2
    My question is, how is enabling SSL for the SQL server will affect our ConfigMgr environment?
    Is there's anything I should change in ConfigMgr in case the SSL was enforced e.g all communication should use https instead of http?
    Sorry for being blunt here as we don't have this SSL on SQL setup before.
    Please share your suggestion & thoughs, really appreciate it! Thank you.
    ---Pat

    Just another reason not to use a shared SQL Server.
    First, I would bring this up as an issue to management -- folks shouldn't just be able to change configuration on something that your system depends upon without it being approved by you. There are ramifications and costs associated with any change such
    as this.
    Next, as far as ConfigMgr goes, I've never ever seen a discussion on it so doubt that it is supported; however, ultimately, the actual SQL connection is just something used by ConfigMgr, not created or controlled by ConfigMgr. ConfigMgr uses a System DSN
    based ODBC connection to connect to the DB on site system's with roles that directly connect to the DB. Thus, *in theory*, you could modify the connection string to use SSL.
    If you can't convince management that what the DBA did was reckless and costly, then you should open an advisory case with Microsoft via CSS to discuss your options -- this will cost $$$.
    Jason | http://blog.configmgrftw.com

  • How to enable DVM cache policy in soa suite 11G

    Hello,
    Can someone describe how to enable DVM cache policy in soa suite 11G?. Also how can i configure the cache policy to load values to cache at server startup? I have very large DVM which i want to load to cache for faster access.
    Thanks in advance.

    Hi,
    DVM cache policy is lazy load. there is no option to preload the cache with server startup currently. However this would be affecting only the first request the susequent requests are serviced from cache.
    HTH..
    appologies for reaching on this late.
    regards,
    Jitendra

  • Setting up ldap and enabling sso for disussion service

    How to do setup of discussion service site so that user base of the discussion site uses an external ldap like OID? It was very easy with Jive(on which oracle's version si based). It was done at the time of installation.
    I thought of using system properties that were defined for jive and using the same for oracle's disussion service but not sure what values I can provide for UserManager and GroupManager. I tried giving the same values as that we used in Jive but after restarting the WLS_Services the login function was not working at all. Is there a document that helps in doing this setup.
    Also, do we have a document on how to enable SSO with discussion services site?
    -Pratap

    I figured out how to do ldap settings for discussions. It is the same approach as that of jive. Go to C:\OracleMiddlewareHome\user_projects\domains\base_domain\config\fmwconfig\servers\WLS_Services\owc_discussions_11.1.1.2.0 and edit the jiveStartup.xml. Change to contain <setup>true</setup> to <setup>false</setup> . And log in to discussion site using the http://localhost:8890/owc_discussions. This will let you go through setup process where we can give the ldap settings.
    Can someone please help us in working with SSO?
    -Pratap

  • How to enable diagnostics in cloud services and virtual machine

    Hi All,
    I need to enable diagnostics  for cloud services and virtual machine in our
    cloud environment. I referred the below link.
    https://convective.wordpress.com/2014/06/27/using-azure-monitoring-services-api-with-azure-cloud-services/
    Installed azure SDK 2.5 and cloud services instance is not displayed for cloud services in Visual studio 2013. Please provide the steps to enable at run time. 
    1) How to enable this diagnostics at run time.
    2) How to enable event logs for cloud and Virtual machine
    3) How to get the event log data's from REST API.
    Please help to resolve this.
    Thanks.
    Regards,
    Rathidevi

    hi Rathidevi,
    In addition, you could enable diagnostics feature on VM from this blog:
    http://azure.microsoft.com/blog/2014/09/02/windows-azure-virtual-machine-monitoring-with-wad-extension/
    Please refer to it.
    Regards,
    Will
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • How to enable SSL in iChat 3.1.9

    Can anyone please tell me how to enable SSL in iChat 3.1.9 for Tiger? I am having the error "Cannot connect to AIM." I was having on my Leopard macbook, but I enabled SSL and it works now. However, I can't see where to enable SSL in my iMac? Thanks ahead of time for any help!

    Ok, upon doing research, I hav found out that there is no SSL to enable until ichat 4.

  • How to enable SSL in oracle 11i

    HI
    1)How to enable SSL in oracle 11i
    2)How do I make an oralce 11i instance available on the internet
    can some one suggest the procedure and the metalink doc or forums that can be referred to for better understanding and using the applcaitons
    Regrads

    Refer to the following notes:
    Note: 123718.1 - 11i: A Guide to Understanding and Implementing SSL for Oracle Applications
    https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=123718.1
    Note: 217368.1 - Advanced Configurations and Topologies for Enterprise Deployments of E-Business Suite 11i
    https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=217368.1
    Note: 229335.1 - Best Practices For Securing Oracle E-Business Suite 11i For Internet Access
    https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=229335.1

  • How to enable GUI for a Cisco 1841?

    How to enable GUI for a Cisco 1841?

    Hi,
    install SDM or CCP on your PC then on the router :
    en
    conf t
    ip dhcp excluded-address 192.168.1.254
    ip dhcp pool MYPOOL
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.254
    ip http server
    ip http authentication local
    username xxx privilege 15 secret   xxxx
    int f0/0
    ip address 192.168.1.254 255.255.255.0
    no shutdown
    Regards.
    Alain.

  • How to activate trace for web services

    Hi Experts,
    How to activate trace for web services in SOAMANAGER.
    We are not able to view the Payload trace of the error logs.
    Can anyone please let me know how to go about this???
    Regards,
    Ashwini

    Hi Ashwini,
    The thread below might be useful to you:
    [SOAMANAGER - Get the XML generated;
    Regards, Trevor

  • How to enable SSL in order to access web appln. deployed in CE using https?

    Hi,
    I am new to Netweaver and this forum. Not sure if I am posting my question in right forum category. Please let me know otherwise.
    Question -
    I would like to know how to enable SSL in order to access the deployed web application in Netweaver environment using https instead of http.
    System Info:
    Netweaver 7.1
    Database: SAP DB (KERNEL    7.7.04   BUILD 021-123-186-883)
    OS: Linux (amd64) 2.6.18-194.el5
    Note: I have general idea about how to enable SSL in a non-SAP application server like tomcat using valid certificate (like enabling SSL in tomcat and adding certificate to server & Java keystore). But since I am new to Netweaver, not sure how to enable the same in Netweaver environment.
    Any help would be much appreciated.
    Thanks
    Edited by: Gopi.j on Oct 15, 2010 8:04 PM

    hi
    check the following sap help.
    http://help.sap.com/saphelp_nwce71core/helpdata/en/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm
    Best regards,
    John

  • How to enable logging for the Web Proxy

    Hi,
    Does anyone know how to enable logging for the Web Proxy feature under "Web" in Server Admin?

    Aren't the web proxy hits logged in the standard apache logs? /var/log/httpd/access_log

  • How to generate client for GetFile service of Webcenter Content Management.

    How to generate client for GetFile service of Webcenter Content Management.
    Downloaded file : GetFile.wsdl
    <?xml version="1.0" encoding="utf-8" ?>
    - <definitions xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:s="http://www.w3.org/2001/XMLSchema" xmlns:s0="http://www.stellent.com/GetFile/" targetNamespace="http://www.stellent.com/GetFile/" xmlns="http://schemas.xmlsoap.org/wsdl/">
    - <types>
    - <s:schema elementFormDefault="qualified" targetNamespace="http://www.stellent.com/GetFile/">
    - <s:element name="GetFileByID">
    - <s:complexType>
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="dID" type="s:int" />
    <s:element minOccurs="0" maxOccurs="1" name="rendition" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="extraProps" type="s0:IdcPropertyList" />
    </s:sequence>
    </s:complexType>
    </s:element>
    - <s:element name="GetFileByIDResponse">
    - <s:complexType>
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="GetFileByIDResult" type="s0:GetFileByIDResult" />
    </s:sequence>
    </s:complexType>
    </s:element>
    - <s:complexType name="GetFileByIDResult">
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="unbounded" name="FileInfo" type="s0:FileInfo" />
    <s:element minOccurs="0" maxOccurs="1" name="downloadFile" type="s0:IdcFile" />
    <s:element minOccurs="0" maxOccurs="1" name="StatusInfo" type="s0:StatusInfo" />
    </s:sequence>
    </s:complexType>
    - <s:element name="GetFileByName">
    - <s:complexType>
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="dDocName" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="revisionSelectionMethod" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="rendition" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="extraProps" type="s0:IdcPropertyList" />
    </s:sequence>
    </s:complexType>
    </s:element>
    - <s:element name="GetFileByNameResponse">
    - <s:complexType>
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="GetFileByNameResult" type="s0:GetFileByNameResult" />
    </s:sequence>
    </s:complexType>
    </s:element>
    - <s:complexType name="GetFileByNameResult">
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="unbounded" name="FileInfo" type="s0:FileInfo" />
    <s:element minOccurs="0" maxOccurs="1" name="downloadFile" type="s0:IdcFile" />
    <s:element minOccurs="0" maxOccurs="1" name="StatusInfo" type="s0:StatusInfo" />
    </s:sequence>
    </s:complexType>
    - <s:complexType name="FileInfo">
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="dDocName" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dDocTitle" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dDocType" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dDocAuthor" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dSecurityGroup" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dDocAccount" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dID" type="s:int" />
    <s:element minOccurs="0" maxOccurs="1" name="dRevClassID" type="s:int" />
    <s:element minOccurs="0" maxOccurs="1" name="dRevisionID" type="s:int" />
    <s:element minOccurs="0" maxOccurs="1" name="dRevLabel" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dIsCheckedOut" type="s:boolean" />
    <s:element minOccurs="0" maxOccurs="1" name="dCheckoutUser" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dCreateDate" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dInDate" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dOutDate" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dStatus" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dReleaseState" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dFlag1" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dWebExtension" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dProcessingState" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dMessage" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dReleaseDate" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dRendition1" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dRendition2" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dIndexerState" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dPublishType" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dPublishState" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dDocID" type="s:int" />
    <s:element minOccurs="0" maxOccurs="1" name="dIsPrimary" type="s:boolean" />
    <s:element minOccurs="0" maxOccurs="1" name="dIsWebFormat" type="s:boolean" />
    <s:element minOccurs="0" maxOccurs="1" name="dLocation" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dOriginalName" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dFormat" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dExtension" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="dFileSize" type="s:int" />
    <s:element minOccurs="0" maxOccurs="1" name="CustomDocMetaData" type="s0:IdcPropertyList" />
    </s:sequence>
    </s:complexType>
    - <s:complexType name="StatusInfo">
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="statusCode" type="s:int" />
    <s:element minOccurs="0" maxOccurs="1" name="statusMessage" type="s:string" />
    </s:sequence>
    </s:complexType>
    - <s:complexType name="IdcPropertyList">
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="unbounded" name="property" type="s0:IdcProperty" />
    </s:sequence>
    </s:complexType>
    - <s:complexType name="IdcProperty">
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="name" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="value" type="s:string" />
    </s:sequence>
    </s:complexType>
    - <s:complexType name="IdcFile">
    - <s:sequence>
    <s:element minOccurs="0" maxOccurs="1" name="fileName" type="s:string" />
    <s:element minOccurs="0" maxOccurs="1" name="fileContent" type="s:base64Binary" />
    </s:sequence>
    </s:complexType>
    </s:schema>
    </types>
    - <message name="GetFileByIDSoapIn">
    <part name="parameters" element="s0:GetFileByID" />
    </message>
    - <message name="GetFileByIDSoapOut">
    <part name="parameters" element="s0:GetFileByIDResponse" />
    </message>
    - <message name="GetFileByNameSoapIn">
    <part name="parameters" element="s0:GetFileByName" />
    </message>
    - <message name="GetFileByNameSoapOut">
    <part name="parameters" element="s0:GetFileByNameResponse" />
    </message>
    - <portType name="GetFileSoap">
    - <operation name="GetFileByID">
    <input message="s0:GetFileByIDSoapIn" />
    <output message="s0:GetFileByIDSoapOut" />
    </operation>
    - <operation name="GetFileByName">
    <input message="s0:GetFileByNameSoapIn" />
    <output message="s0:GetFileByNameSoapOut" />
    </operation>
    </portType>
    - <binding name="GetFileSoap" type="s0:GetFileSoap">
    <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" />
    - <operation name="GetFileByID">
    <soap:operation soapAction="http://www.stellent.com/GetFile/" style="document" />
    - <input>
    <soap:body use="literal" />
    </input>
    - <output>
    <soap:body use="literal" />
    </output>
    </operation>
    - <operation name="GetFileByName">
    <soap:operation soapAction="http://www.stellent.com/GetFile/" style="document" />
    - <input>
    <soap:body use="literal" />
    </input>
    - <output>
    <soap:body use="literal" />
    </output>
    </operation>
    </binding>
    - <service name="GetFile">
    - <port name="GetFileSoap" binding="s0:GetFileSoap">
    <soap:address location="http://localhost:7101/_dav/cs/idcplg" />
    </port>
    </service>
    </definitions>

    Hi,
    I would suggest you to check the time recording functionality, see
    details in:
    http://help.sap.com/saphelp_sm70ehp1_sp26/helpdata/en/d5/299631364d4e959
    c6609ca3bc24740/content.htm
    Another possibility is configuring the Service Level Agreement, see
    details in SDN blog:
    Service Desk: SLA configuration hints
    https://weblogs.sdn.sap.com/pub/wlg/24813
    or
    http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/24813
    Thanks
    Regards,
    Vikram

  • How used single ssl for tow exchange server without clustering

    how used single ssl for tow exchange server without clustering
    exchange 2003 std fron-end server
    used for add new server for owa failover or standby 

    Olivia, hopefully by now you have solved your issue but just for the sake of answering that question here so that people having the same issue can later find it I'll go through the motions:
    there are a couple of ways you can achieve this.
    A. get a certificate for free out there
    B. generate your own self signed "fake" certificate.
    certutil will certainly let you do this, here's how:
    1. First, create a file/directory layout to store your certificates
    mkdir -p /path/to/certificates/selfsignedCA2. Initialize a database for the certificate you want to create
    certutil -N -d /path/to/certificates/selfsignedCA -P "ca-"3. Create a self-signed CA certificate
    certutil -S -x -n "ca-cert" -s "cn=SelfSigned CA Certificate,dc=yourSuffix" -t CTPu -v 120 -d /path/to/certificates/selfsignedCA -P "ca-" -5Note: when prompted, select choice (5) SSL CA and 'y' for critical extensions
    4. Export the your newly created self-signed CA certificate in PEM format
    certutil -L -d /path/to/certificates/selfsignedCA -P "ca-" -n "ca-cert" -a > /path/to/certificates/selfsignedCA.pemthat should get you going
    -=arnaud=-

Maybe you are looking for

  • KeyListener no longer working in JPanel

    Hi, I have implemented a graphics interface with JPanel with mouse action and movement captured. Everything works fine until I added KeyListener implementation. No matter what I do, I could not enable the key event. The top window is a JFrame which c

  • Problem dialling certain digits with Lumia 800

    In order to find out how much pre-paid phone credit I have with my carrier, I can dial #123#, which works with my SIM in my iPhone (unlocked) and I get a response giving my available credit. However, when I try to dial this combination of digits with

  • Vendor debit/credit memo

    Can anyone one help me in the following with T code. Make the three way matching verification                     find difference between PO & Invoicel                Make an invoice claims                Create a debit or credit MEMO           I wil

  • Apple tv (3rd gen) os 6.0 and itunes 11.1.1 library not syncing/updating

    hi all, just wondering if anyone else has had this happen, and if you have worked out a solution. there were some issues with the 6.0 upgrade and are getting agitated with this as have tried many scenarios to find a solution. thanks in advance.

  • HT201210 error message 3014

    i have an new iMac and in process of updating software on by iPhone and the error messgae 3014 displays when the restore stage is entered. any suggestion other than turn off mcafee??