WLS is blocked when contacting another http server

Similar Messages

• Installed Forms 11g ok but do I need another HTTP Server to run APEX?

  Friends,
  I have posted this Installed Forms 11g ok but do I need another HTTP Server to run APEX? over in the Forms forum. I'm not sure if it's best suited to here?
  I'm not chasing for an answer, just trying to find the correct place for my question.
  Thanks
  Ian

  The answer from a software licensing perspective depends on the licening model you are on. If Unified Workspace Licensing (UWL), then you already have license entitlement to CUP under the Business Edition of that licence program. If you are on a DLU or UCL-based license program, CUP is seperately licensed.
  You will need s seperate MCS server.
  Softphones again depend on your license schema. If UWL, each user is entitled to one softphone. DLU and UCL each charge for softphone usage seperately.

• Do I have to use certificates when writing an HTTPS server

  I'm writing a client app and a server app. The client will connect to the server via HTTPS. A browser will never connect to this HTTPS server, just the client I have written. Can I skip the step of using certificates? I've been told it isn't a requirement. I just want SSL communication, that is all.
  When I try to do this, I get a handshake error, "no cipher suites in common'' coming from the client. The client seems okay because I can get it to connect to other secure web sites.
  So, certificates...must use in this case, or no?
  Thanks!!!

  Hi,
  I think you must use certificates if you want to do SSL communication.
  When using Netscape Navigator or IE to access files on a server that only has DSA-based certificates, a runtime exception occurs indicating that there are
  no cipher suites in common .
  By default, certificates created with keytool use DSA public keys. Navigator and IE do not use DSA public keys in their enabled cipher suites.
  To interact with IE or Navigator, you should create certificates that use RSA-based keys. To do this, you need to specify the -keyalg RSA option when using keytool. For Example:
  keytool -genkey -alias duke -ketstore testkeys -keyalg rsa
  Hope this will help you.
  Regards,
  Anil.
  Technical Support Engineer.

• ADMN-906025 error when I started HTTP server

  After all patchs:
  dcmctl start -ct ohs
  Starting Oracle HTTP Server: name = JDBC type = null
  name = OracleConnectionCacheImpl type = JDBC_ConnectionSource
  name = JDBC type = null
  name = OracleConnectionPoolDataSource type = JDBC_DataSource
  name = CONNECTION_1 type = JDBC_Connection
  name = JDBC type = null
  name = OracleConnectionPoolDataSource type = JDBC_DataSource
  name = CONNECTION_2 type = JDBC_Connection
  ADMN-906025
  dcm/logs/dcmctl_logs/.dcmEx :
  The opmn request has failed. From opmn: HTTP/1.1 204 No Content
  Content-Length: 0
  Content-Type: text/html
  Response: 0 of 1 processes started.
  Check opmn log files such as ipm.log and ons.log for detailed.t
  my.site.comxpq ~      t
  roracle.ias.sysmgmt.exception.DcmCmdLineException: Remote Execute Exception 806212
       at oracle.ias.sysmgmt.cmdline.DcmCmdLine.checkStatus(DcmCmdLine.java:1207)
  opmn\logs\ipm.log : clear
  opmn\logs\ons.log : clear
  opmn\logs\HTTP Server.1 :
  Warning: setuid to root failed, en = 1
  perhaps root.sh was not run? Continuing as current user
  /usr/home/ias/OraHome1/Apache/Apache/bin/apachectl startssl: execing httpd
  Syntax error on line 6 of /usr/home/ias/OraHome1/Apache/Apache/conf/mod_osso.conf:
  Unable to deobfuscate the SSO server config file, /usr/home/ias/OraHome1/Apache/Apache/conf/osso/osso.conf, error Bad padding pattern detected in the last block.
  What can i do ?
  Oleg

  After all patchs:
  dcmctl start -ct ohs
  Starting Oracle HTTP Server: name = JDBC type = null
  name = OracleConnectionCacheImpl type = JDBC_ConnectionSource
  name = JDBC type = null
  name = OracleConnectionPoolDataSource type = JDBC_DataSource
  name = CONNECTION_1 type = JDBC_Connection
  name = JDBC type = null
  name = OracleConnectionPoolDataSource type = JDBC_DataSource
  name = CONNECTION_2 type = JDBC_Connection
  ADMN-906025
  dcm/logs/dcmctl_logs/.dcmEx :
  The opmn request has failed. From opmn: HTTP/1.1 204 No Content
  Content-Length: 0
  Content-Type: text/html
  Response: 0 of 1 processes started.
  Check opmn log files such as ipm.log and ons.log for detailed.t
  my.site.comxpq ~      t
  roracle.ias.sysmgmt.exception.DcmCmdLineException: Remote Execute Exception 806212
       at oracle.ias.sysmgmt.cmdline.DcmCmdLine.checkStatus(DcmCmdLine.java:1207)
  opmn\logs\ipm.log : clear
  opmn\logs\ons.log : clear
  opmn\logs\HTTP Server.1 :
  Warning: setuid to root failed, en = 1
  perhaps root.sh was not run? Continuing as current user
  /usr/home/ias/OraHome1/Apache/Apache/bin/apachectl startssl: execing httpd
  Syntax error on line 6 of /usr/home/ias/OraHome1/Apache/Apache/conf/mod_osso.conf:
  Unable to deobfuscate the SSO server config file, /usr/home/ias/OraHome1/Apache/Apache/conf/osso/osso.conf, error Bad padding pattern detected in the last block.
  What can i do ?
  Oleg I sent this to our resident expert and here is his reply.
  Chet
  It looks like they did not run root.sh during their installation process or root.sh exited prematurely hence the setuid bit is not set on
  $ORACLE_HOME/Apache/Apache/bin/.apachectl. This means that OHS is running as the user that installed iAS, not root which
  causes the de-obfuscation of the mod_osso configuration file to fail. They have two choices:
  The first is to execute the necessary commands as root. They can either become root and run root.sh which should still be laying
  around in the base directory of their ORACLE_HOME or if they don't have root.sh laying around, they should become root and
  execute the follow commands:
  cd $ORACLE_HOME/Apache/Apache/bin
  chown root .apachectl
  chmod 6750 .apachectl
  If they don't want OHS to run as root and they are willing to stick to ports bigger than 1024, the second option is just to reregister
  mod_osso with the SSO server as documented in the 9iAS security admin guide except that they should not specify the userid as
  root. They should just omit the -u root option on the command line for ssoreg or use -u and the userid that installed iAS.
  Hope that helps!

• Configuring  b2b/transportServlet on another HTTP server

  Hi All,
  Here we have a strange requirement
  Actually we are trying to configure B2B with DMZ in place
  Our approach follows like
  B2B should be within Oracle firewall and HTTP server will be in DMZ
  we will open required ports on firewall to have communication between HTTP and B2B instance
  Now HTTP server sits between remote TP and host B2B
  To make above configuration possible
  I am thinking whether it is possibe to host 'b2b/transportServlet' which comes with B2B on the HTTP server sits in DMZ
  Any ideas would be great and helpful
  Thanks
  -Praveen

  But Ramesh
  Our main intention is not high availability configuration fro B2B
  Its just connecting to B2B(in Firewall) from OHS(in DMZ)
  After going through the doc what I understood is
  Whole components should be in Active-Active topology
  For this to happen we need atleast 2-mid tiers running B2B instances
  Obviously which we are not having
  Thanks
  -Praveen

• When i stop http server

  i stopped http server through oem.
  but i can still visit the application through host name.
  but failed through ip.
  that is,eg:
  http://oracle-as succueed
  http://192.168.191.31 failed
  above the "oracle-as" is my host name.
  i use command line: ps -ef | grep http
  no such process id
  is anyone had met such situation?

  Have you installed MKS Toolkit ? This is a requirement for R12 install on Win 2003. Pl see ML Note 402311.1
  Srini

• Move apex to another http server "Error on Page"

  Hi,
  I runing apex 2.2 on an oracle http server, but now I have installed collaboration suite on the same server and want to move my apex. Can't get it working the browser says "Error on page", the login button is not working and strange fonts.
  I hade moved image directory and created the marvel.conf + included in http.conf.
  http error log shows entries:
  File does not exist: /oracle/product/ocs_app/Apache/Apache/htdocs/calendar/images/javascript/htmldb_html_elements.js
  but my marvel.conf has:
  Alias /i/ "/oracle/product/http/Apache/Apache/images/"
  Have tried to copy images also to /oracle/product/ocs_app/Apache/Apache/htdocs/calendar/ the errors disappears from log file but browser still shows “Error on Page”
  Can anyone help, please?

  Hi Praveen,
  Looks like a Reverse Proxy solution where you have one HTTP server in DMZ and one behind the firewalls. Please check Apache docs for Reverse Proxy. You can also use Web Cache for this purpose, or use a Hardware Load Balancer.
  Regards,
  Martin

• No records in titl block when running in application server

  hi all,
  i am facing problem when running forms in application server. the error msg whcih is coming is FRM-41092: No Records in block TITL.
  can any one help pls.....
  Regards
  Natesh

  how about - directly after querying the master record...
  go_block(<block>)
  if :blk.key (or :blk.rowid) is null then
    SET_ITEM_PROPERTY('<buttonname>',enabled, property_false);

• Pricing condition is blocked when editing another

  Hello experts,
  I'm experiencing an issue and would like your feedback.
  I created 2 pricing conditions for the same Condition type (PR00) and same combination key (see below)
  MANDT
  KAPPL
  KSCHL
  VKORG
  VTWEG
  KUNNR      
  MATNR              
  KFRST
  DATBI    
  DATAB    
  KBSTAT
  KNUMH    
  100
  V   
  PR00 
  NL45 
  1
  15943
  SI_REN             
  31.12.9999
  24.07.2014
  1752042
  100
  V   
  PR00 
  NL45 
  1
  15943
  SI_TRC_TON         
  31.12.9999
  24.07.2014
  1752043
  If the first record is being edited via VK12 and we try to edit the second one by another session or even by another user, the system gives the message VK083 'Conditions for the selection entered are blocked".
  Even with same combination, the material code selected is different.  Should'nt the system allow to edit the second record?  is this the standard SAP behaviour?
  looking forward to receive your comments
  Fatima

  is this the standard SAP behaviour?
  Yes it is a standard behaviour as system would lock the entry for the header of the selection screen.  Ideally, if at all you want to change any existing condition record, the same to be done ONLY via VK11 and not via VK12.
  G. Lakshmipathi

• Error in event lod in Windows when starting Apache HTTP Server

  Hi
  I get the following error when I start Apache:
  The Apache service named Apache.exe reported the following error:
  [Thu Jan 24 15:38:04 2002] [error] (2)The system cannot find the file specified: RegQueryValueEx(key System\CurrentControlSet\Services\OracleWebCoreHTTPServer\Parameters) <<<before the error.log file could be opened.
  More information may be available in the error.log file. .
  There is no more info in the error.log and that key in the registry points to the http.conf file and it is the correct path, any ideas why I get this
  cheers
  Robert

  I got the answer: the network path of My Documents contains '$' sign which is not allowed by Windows Installer.
  Thank you all for reading this.

• Connection timeout when using iPlanet web-server uses Weblogic 6.1 proxy server to proxy requests to an HTTP server

  Hi all,
  My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
  6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
  for 120 seconds. This causes Weblogic to timeout after a while. The error I get
  is as follows:
  <Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
  java.net.ConnectException: Connection timed out
  at java.net.PlainSocketImpl.socketConnect(Native Method)
  at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
  at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
  at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
  at java.net.Socket.<init>(Socket.java:273)
  at java.net.Socket.<init>(Socket.java:127)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
  at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
  at weblogic.net.http.HttpClient.New(HttpClient.java:149)
  at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
  at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
  t.java:285)
  at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
  >
  I get the same error when I added the following plug-in configuration parameters
  (in obj.conf):
  ConnectTimeoutSecs="170" ConnectRetrySecs="170".
  What do I need to do to extend this timeout? Any help you can provide will be
  greatly appreciated..
  Thanks
  Manish

  Hi all,
  My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
  6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
  for 120 seconds. This causes Weblogic to timeout after a while. The error I get
  is as follows:
  <Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
  java.net.ConnectException: Connection timed out
  at java.net.PlainSocketImpl.socketConnect(Native Method)
  at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
  at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
  at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
  at java.net.Socket.<init>(Socket.java:273)
  at java.net.Socket.<init>(Socket.java:127)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
  at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
  at weblogic.net.http.HttpClient.New(HttpClient.java:149)
  at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
  at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
  t.java:285)
  at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
  >
  I get the same error when I added the following plug-in configuration parameters
  (in obj.conf):
  ConnectTimeoutSecs="170" ConnectRetrySecs="170".
  What do I need to do to extend this timeout? Any help you can provide will be
  greatly appreciated..
  Thanks
  Manish

• Solved!!Error when starting HTTP Server

  Hi againg
  When restarting the HTTP Server I receive the following error
  HTTP Server.      Using Web Configuration View
  JVM:           Java Virtual Machine initialized
  HTTP Server:     Java Virtual Machine Loaded
  DSAP Filter ‘SAP Ticketcerifier V2.5.2 – PRE-RELEASE – for Lotus Domino R6 only initializing
  Cannot find NOTES.INI variable MySapDebug, Debug is turned off
  Using NOTES.INI variable MySapPsePath = c:\domino\sap\verify.pse
  Cannot find NOTES.INI variable mySapView. Using default settings:$Users
  Cannot find NOTES.INI variable MySapSuppressEmptyTicketWarning. Default is used (warning messages are written to the log)
  DSAP Filter ‘SAP Ticketverifier V2.5.2 – PRE-RELEASE – for Lotus Domino R6 only started
  HTTP Server: DSAPI SAP Ticketverifier V2.5.2 – PRE-RELEASE – for Lotus Domino R6 only Load successfully
  Servlet engine initialization was successful
  SAP Ticketverifier: invalid ticket
  SAP Ticketverifier Message: falling back to Lotus Domino Authentication
  HTTP Server Started
  SAP Ticketverifier: invalid ticket
  SAP Ticketverifier Message: falling back to Lotus Domino Authentication
  SAP Ticketverifier: invalid ticket
  Opened the NOTES.INI file and started to look for the variables of mySapView, and MySapSuppressEmptyTicketWarning, but they are not presented in this file
  Need help to start looking for error
  Regards
  Kay-Arne
  Message was edited by: Kay-Arne Aarlie

  There are several ways to do this, but for best results on a single installation (versus many), manually add and configure the following SAP TV variables in Notes.ini. Remember to leave a single blank line at the end of the file (a known issue with the last variable not being read):
  <b>;===Custom Start===
  MYSAPPSEPATH=<your path info goes here>\verify.pse
  MySapDebug=<True or False>
  MySAPVIEW=<the custom view name, if one is used>
  MySapSuppressEmptyTicketWarning=<True or False>
  ;===Custom End===</b>

• Web calendar interfase not started when starting http server

  Hi, I installed CS succesfully, the calendar server is working fine.
  My problem is that the web interfase is not started when starting the HTTP server.
  I checked the log files of the http server and I saw this:
  [Thu Jan  9 19:13:50 2003] [warn] [client 144.23.48.238] FastCGI request processing timed out
  [Thu Jan  9 19:15:19 2003] [notice] SIGHUP received. Attempting to restart
  [Thu Jan  9 19:15:23 2003] [error] (2)No such file or directory: FastCGI: access for server (uid -1, gid 501) failed: read not allowed by group
  [Thu Jan  9 19:15:23 2003] [notice] FastCGI: process manager initialized (pid 6897)
  [Thu Jan  9 19:15:23 2003] [warn] FastCGI: server "/u01/oracle/product/CS9.0.3/CSMT/Apache/Apache/fcgi-bin/owc/lexacal.fcgi" started (pid 6898)
  [Thu Jan  9 19:15:23 2003] [warn] FastCGI: server "/u01/oracle/product/CS9.0.3/CSMT/Apache/Apache/fcgi-bin/echo" started (pid 6899)
  [Thu Jan  9 19:15:24 2003] [notice] Oracle HTTP Server/1.3.22 (Unix) mod_plsql/9.0.2.0.0 DAV/1.0.2 (OraDAV enabled) mod_osso/9.0.2.0.0 mod_oc4j/3.0 mod_ossl/9.0.2.0.0 mod_fastcgi/2.2.12 mod_perl/1.26 configured -- resuming normal operations
  [Thu Jan  9 19:15:24 2003] [notice] Accept mutex: fcntl (Default: fcntl)
  [Thu Jan  9 19:15:34 2003] [warn] FastCGI: s[i]Long postings are being truncated to ~1 kB at this time.

  Hi Gonzalo,
  You will have to report this problem to the Oracle Support organization.
  They will most probably want to see your web configuration file, the httpd.conf, as well as the appropriate logs.
  thanks,
  Jean-Marc Robillard
  Product Management

• Intermedia Database Agent and HTTP Server

  I have intermedia web agent 8.1.5.4 running on nt sp6. i am
  trying to have a username and password in the database agent for
  uploading and retrieving files.
  this works when i use IIS 4.0, however it does not work when i
  use HTTP server. it will ask for username and password.
  here is the database agent description
  service = oracle
  database_user = icras2
  database_password = <password>
  authorized_request_class = clipboard
  authorized_sql_statements = any
  authorized_sql_procedures = *
  display_name = icras2
  authentication_realm_name = icras2
  retrieve_database_agent
  upload_database_agent
  clipboard_user = icras2
  Thanks
  Melissa

  I think it would be helpful if you described the reason that you would like to do this.
  I know that in some environments the powers that be will not install Apex on the database server.
  In such an environment you could create a local Oracle instance and install Apex yourself and access
  the database containing the data via dblinks. You'd have to be careful if you are processing lots of data
  in such a setup.
  I saw another response to your post and it looks like the person that responded assumed that you would install
  apex into the daabase that keeps all the data. However, if ypur administrators will not install Apex (and I have
  come across this) then you cannot follow that advice.

• Installation of the VeriSign digital certification in Oracle HTTP Server

  I am not obtaining to generate to the pair of keys and the CSR in Oracle HTTP Server, will have some tip I is thankful.
  Thanks
  Leandro

  Hi Leandro,
  Here are some steps to setup digital certificates into Oracle HTTP Server for Unix.
  1. The temporary working directory is /u01/tmp/myssl.
  2. The contents of <9iAS_HOME>/Apache/open_ssl/bin have been copied to the
  temporary working directory created in Assumption #1.
  3. SSL file names are priv.key (private key), certreq.csr (certificate request),
  and cert.crt (SSL certificate). The actual SSL certificate file could be
  named other than 'cert.crt'.
  4. By default, SSL is configured using port 443, which requires ROOT access to
  start the web listener.
  If you want to change this from the default port, you will need to change
  the following two parameters in the httpd.conf file to an unused port number:
  Listen 443
  <VirtualHost default:443>
  5. All necessary UNIX environment variables are set correctly for your Oracle
  product before implementing these procedures.
  6. User must be familiar with UNIX concepts like shell navigation, UNIX
  environments, file manipulation/search, file copy/backups, etc.
  How to Request and Configure an SSL Certificate for Oracle9i Application Server
  Step-by-Step Instructions:
  1. Change your present working directory to the temporary working directory, e.g.,
  /u01/tmp/myssl. Ensure the contents of <9iAS_HOME>/Apache/open_ssl/bin have
  been copied into this temporary working directory.
  2. Copy 5 large files, each at least 250KB, into your temporary working directory.
  Suggest looking in any /bin directory for large sized binary files. Execute
  the following command to generate the random character file:
       % openssl md5 * > rand.rnd
  3. Execute the following command to generate the private key (priv.key):
  % openssl genrsa -rand rand.rnd -des3 1024 > priv.key
       - when prompted, enter a "PEM pass phrase" password
       - re-enter password when prompted to verify password
       -- remember the pass phrase password you entered
       - this command generates the priv.key file and associated pass phrase
       - set permissions on the priv.key file to prevent unauthorized editing
       % chmod 400 priv.key
       - backup the priv.key file to a secure location
  NOTE
  The PEM pass phrase must be at least 4 characters in length. Remember this
  pass phrase, you will be prompted to enter it in the next step and each
  time you start up the Oracle HTTP Server (OHS) in SSL mode.
  Optionally, you can unencrypt the value of the private key, so that you
  will not be prompted for the PEM pass phrase every time you start up OHS
  in SSL mode.
  To unencrypt the private key, execute the following two commands (Note:
  ensure file permissions set to r+w):
       % cp priv.key priv.key.bak
       % openssl rsa -in priv.key.bak -out priv.key
  - the demo certificate shipped with Oracle9iAS does not require a pass
  phrase to start OHS in SSL mode.
  - on UNIX, to generate the certificate request and start OHS in SSL mode,
  the pass phrase must be entered, unless you executed the above steps
  to unencrypt.
  - on Windows NT/2000, if a certificate is used that has a pass phrase,
  the OHS will hang; therefore, on Windows NT/2000, you must execute
  the steps to unencrypt.
  4. Execute the following command to generate an SSL certificate request
  (certreq.csr) based on your private key.
       % openssl req -new -key priv.key -out certreq.csr -config openssl.cnf
       - when prompted, enter the "PEM pass phrase" set when the private key
  was created.
       - when prompted, enter the requested fields that make up the
  Distinguished Name.
       -- each entry must be valid information, i.e., email, state, location, etc.
       - when prompted for the "Common Name", you MUST enter the fully
  qualified name which will be accessed via client browsers; e.g.,
  if clients will use:
  https://mysite.domain.com
       -- then, you must enter mysite.domain.com as the "Common Name"
       - the requested 'extra' attributes, i.e., "challenge password" and
  "optional company name", are OPTIONAL; just hit ENTER to use NULL values.
  5. You should now have the private key and certificate request files (priv.key
  and certreq.csr) in your temporary working directory.
  NOTE
  At this point, you can use your certificate request file 'certreq.csr' to
  order a valid SSL certificate from any CA-vendor, e.g., Verisign.
  After you receive your SSL certificate, skip to Step #6 for instructions
  on how to deploy your SSL files.
  OPTIONAL
  You can start 9iAS in SSL mode (see Step #12) and test the pre-installed demo
  certificate and private key included for testing purposes.
  It is a good idea to test to be sure the Oracle HTTP Server SSL mode works
  successfully before deploying your new SSL certificate. To try these demo
  files, access the 9iAS index page in a browser using the HTTPS protocol and
  the appropriate SSL Listen port. URL format:
  https://myhost.domain.com:<ssl_port>
  The user will see a Security Alert (IE), or New Site Certificate (Netscape)
  warning message, click Continue/Next to accept.
  OPTIONAL
  To create a self-signed certificate, execute the following commands:
  (csh) % setenv RANDFILE rand.rnd
  <sh or ksh> % export RANDFILE=rand.rnd
  % openssl x509 -req -days 30 -in certreq.csr -signkey priv.key > tempcert.crt
  - when prompted, enter the "PEM pass phrase" set when the private key was created.
  - this command generates a temporary self-signed certificate file 'tempcert.crt'
  valid for 30 days, which can be used while awaiting a valid SSL certificate
  purchased from an authorized CA-vendor.
  - if this option is used, after generating the 'tempcert.crt' file, skip to
  Step #6 for instructions on how to deploy your SSL files.
  OPTIONAL
  These steps are specifically for requesting a TRIAL certificate from the
  CA-vendor Verisign.
  - Go to www.verisign.com and click on "Free Guides and Trials" link and
  follow instructions to request a "Free Trial SSL ID". During this process,
  you will be asked to provide certificate request information.
  - Open the 'certreq.csr' file using your text editor of choice.
  - Starting with "-----BEGIN NEW CERTIFICATE REQUEST-----" copy all lines
  including the BEGIN and END of certificate lines.
  - Paste this copied data into the Verisign page where requested and continue.
  - You will see the Verisign web site decode your certificate request
  information. This decoded information is presented to you to verify it is
  correct. If it is, then continue with the process.
  - You will be presented with another set of questions from Verisign. Be sure
  to answer with the correct email address, as this address will be used to
  send your SSL certificate.
  - After you answer all these questions, you will be sent a TRIAL 14-day
  SSL certificate via email.
  - WARNING! You must follow this step carefully, you cannot copy and paste
  information from an email to a new text file. After you get your TRIAL
  certificate, save the entire email message to a text file. Open this file
  using your text editor of choice. You will see the email address header
  information and the line:
  -----BEGIN CERTIFICATE-----
  - Delete all text that appears before the -----BEGIN CERTIFICATE----- line.
  The modified file should contain only certificate information. After you
  delete the email header, save this text file inside your temporary directory
  with the filename 'trialcert.crt'.
  6. Now you are ready to configure Oracle9i Application Server (9iAS) with your
  SSL certificate files.
  7. Back up your existing <9iAS_HOME>/Apache/Apache/conf/httpd.conf file.
  8. Open the httpd.conf file with your text editor of choice.
  9. Edit the following httpd.conf directives to use your generated private key
  and SSL certificate file, which could be the filename for either the
  temporary self-signed certificate, the TRIAL test certificate, or the
  purchased valid certificate. The information following the # symbol are
  comments.
  NOTE
  The directory of the SSL files (private key and certificate file)
  can reside in any location you choose. The temporary working
  directory will continue to be referenced in these procedure steps.
  # use the appropriate (i.e., valid, temporary, or trial) certificate filename
  SSLCertificateFile /u01/tmp/myssl/tempcert.crt
  #private key from Step #4 above:
  SSLCertificateKeyFile /u01/tmp/myssl/priv.key
  10. Save your modified httpd.conf and exit the text editor.
  11. Log in as authorized user (if default ports 80 and 443 are used, ROOT user
  must execute commands in next step).
  12. Execute the following command to stop, then start Apache in SSL mode
  (ensure proper UNIX environments are set; else, execute command from
  <9iAS_HOME>/Apache/Apache/bin.)
  For Oracle8iAS 1.x:
  % httpdsctl stop
  % httpdsctl startssl
  For Oracle9iAS 1.0.2.x:
  % apachectl stop
  % apachectl startssl
  - when prompted, enter the "pass phrase" created in Step #3.
  -- not required if you unencrypted the private key file
  - when the Oracle HTTP Server starts successfully in SSL mode, access the
  9iAS index page in a browser using the HTTPS protocol and the appropriate
  SSL Listen port. URL format:
  https://myhost.domain.com:<ssl_port>
  - if using a temporary self-signed or TRIAL test certificate, the user will
  see a Security Alert (IE), or New Site Certificate (Netscape) warning message,
  click Continue/Next to accept.
  ====================
  I hope this help !!
  Ilan Salviano