WLS is blocked when contacting another http server
Hi,
I have developed a servlet in WLS. It must communicates with another
over an HTTP request. For that I have used :
- URLConnection,
- URL,
- DataOutputStream
Everything works well but when the targeted server is not available, WLS
is completely blocked by a single user. When the targeted server is
available again, WLS begin reworks well.
I don't see where I can put a timeout when using URL... objects ?
Has anyone an idea ?
Thanks for your help,
Manuel.
It is cerainly possible (but killing the thread is not a very good idea - if it
fails to make HTTP connection it's better to let it wait until default timeout
expires and return from it's run() method).
Probably better solution (for now) will be to implement your own HTTP handler
which allows you to specify connect and wait-for-response timeouts.
Daniel Hoppe <[email protected]> wrote:
Hi,
I'm waiting for this flag as well ;-). If this was not a server-side
problem I'd try the following:
Start a thread which tries to build establish the connection / read from
the URL. When the thread has successfully finished, set a flag. The
method starting the thread can loop / wait until a time-out value has
been reached and check the flag on each loop. If the thread has not set
the flag after your timeout value, you can kill the thread and either
retry or throw an exception. If the flag has been set, your input has
been read and you can continue.
I'm using this approach on the clientside quite successfully, but people
alway warn of starting threads within weblogic. Maybe something like
your 'long-running-task-in-weblogic' pattern could be used to achieve
something similar on the serverside.
Cheers,
Daniel--
Dimitri
Similar Messages
-
Installed Forms 11g ok but do I need another HTTP Server to run APEX?
Friends,
I have posted this Installed Forms 11g ok but do I need another HTTP Server to run APEX? over in the Forms forum. I'm not sure if it's best suited to here?
I'm not chasing for an answer, just trying to find the correct place for my question.
Thanks
IanThe answer from a software licensing perspective depends on the licening model you are on. If Unified Workspace Licensing (UWL), then you already have license entitlement to CUP under the Business Edition of that licence program. If you are on a DLU or UCL-based license program, CUP is seperately licensed.
You will need s seperate MCS server.
Softphones again depend on your license schema. If UWL, each user is entitled to one softphone. DLU and UCL each charge for softphone usage seperately. -
Do I have to use certificates when writing an HTTPS server
I'm writing a client app and a server app. The client will connect to the server via HTTPS. A browser will never connect to this HTTPS server, just the client I have written. Can I skip the step of using certificates? I've been told it isn't a requirement. I just want SSL communication, that is all.
When I try to do this, I get a handshake error, "no cipher suites in common'' coming from the client. The client seems okay because I can get it to connect to other secure web sites.
So, certificates...must use in this case, or no?
Thanks!!!Hi,
I think you must use certificates if you want to do SSL communication.
When using Netscape Navigator or IE to access files on a server that only has DSA-based certificates, a runtime exception occurs indicating that there are
no cipher suites in common .
By default, certificates created with keytool use DSA public keys. Navigator and IE do not use DSA public keys in their enabled cipher suites.
To interact with IE or Navigator, you should create certificates that use RSA-based keys. To do this, you need to specify the -keyalg RSA option when using keytool. For Example:
keytool -genkey -alias duke -ketstore testkeys -keyalg rsa
Hope this will help you.
Regards,
Anil.
Technical Support Engineer. -
ADMN-906025 error when I started HTTP server
After all patchs:
dcmctl start -ct ohs
Starting Oracle HTTP Server: name = JDBC type = null
name = OracleConnectionCacheImpl type = JDBC_ConnectionSource
name = JDBC type = null
name = OracleConnectionPoolDataSource type = JDBC_DataSource
name = CONNECTION_1 type = JDBC_Connection
name = JDBC type = null
name = OracleConnectionPoolDataSource type = JDBC_DataSource
name = CONNECTION_2 type = JDBC_Connection
ADMN-906025
dcm/logs/dcmctl_logs/.dcmEx :
The opmn request has failed. From opmn: HTTP/1.1 204 No Content
Content-Length: 0
Content-Type: text/html
Response: 0 of 1 processes started.
Check opmn log files such as ipm.log and ons.log for detailed.t
my.site.comxpq ~ t
roracle.ias.sysmgmt.exception.DcmCmdLineException: Remote Execute Exception 806212
at oracle.ias.sysmgmt.cmdline.DcmCmdLine.checkStatus(DcmCmdLine.java:1207)
opmn\logs\ipm.log : clear
opmn\logs\ons.log : clear
opmn\logs\HTTP Server.1 :
Warning: setuid to root failed, en = 1
perhaps root.sh was not run? Continuing as current user
/usr/home/ias/OraHome1/Apache/Apache/bin/apachectl startssl: execing httpd
Syntax error on line 6 of /usr/home/ias/OraHome1/Apache/Apache/conf/mod_osso.conf:
Unable to deobfuscate the SSO server config file, /usr/home/ias/OraHome1/Apache/Apache/conf/osso/osso.conf, error Bad padding pattern detected in the last block.
What can i do ?
OlegAfter all patchs:
dcmctl start -ct ohs
Starting Oracle HTTP Server: name = JDBC type = null
name = OracleConnectionCacheImpl type = JDBC_ConnectionSource
name = JDBC type = null
name = OracleConnectionPoolDataSource type = JDBC_DataSource
name = CONNECTION_1 type = JDBC_Connection
name = JDBC type = null
name = OracleConnectionPoolDataSource type = JDBC_DataSource
name = CONNECTION_2 type = JDBC_Connection
ADMN-906025
dcm/logs/dcmctl_logs/.dcmEx :
The opmn request has failed. From opmn: HTTP/1.1 204 No Content
Content-Length: 0
Content-Type: text/html
Response: 0 of 1 processes started.
Check opmn log files such as ipm.log and ons.log for detailed.t
my.site.comxpq ~ t
roracle.ias.sysmgmt.exception.DcmCmdLineException: Remote Execute Exception 806212
at oracle.ias.sysmgmt.cmdline.DcmCmdLine.checkStatus(DcmCmdLine.java:1207)
opmn\logs\ipm.log : clear
opmn\logs\ons.log : clear
opmn\logs\HTTP Server.1 :
Warning: setuid to root failed, en = 1
perhaps root.sh was not run? Continuing as current user
/usr/home/ias/OraHome1/Apache/Apache/bin/apachectl startssl: execing httpd
Syntax error on line 6 of /usr/home/ias/OraHome1/Apache/Apache/conf/mod_osso.conf:
Unable to deobfuscate the SSO server config file, /usr/home/ias/OraHome1/Apache/Apache/conf/osso/osso.conf, error Bad padding pattern detected in the last block.
What can i do ?
Oleg I sent this to our resident expert and here is his reply.
Chet
It looks like they did not run root.sh during their installation process or root.sh exited prematurely hence the setuid bit is not set on
$ORACLE_HOME/Apache/Apache/bin/.apachectl. This means that OHS is running as the user that installed iAS, not root which
causes the de-obfuscation of the mod_osso configuration file to fail. They have two choices:
The first is to execute the necessary commands as root. They can either become root and run root.sh which should still be laying
around in the base directory of their ORACLE_HOME or if they don't have root.sh laying around, they should become root and
execute the follow commands:
cd $ORACLE_HOME/Apache/Apache/bin
chown root .apachectl
chmod 6750 .apachectl
If they don't want OHS to run as root and they are willing to stick to ports bigger than 1024, the second option is just to reregister
mod_osso with the SSO server as documented in the 9iAS security admin guide except that they should not specify the userid as
root. They should just omit the -u root option on the command line for ssoreg or use -u and the userid that installed iAS.
Hope that helps! -
Configuring b2b/transportServlet on another HTTP server
Hi All,
Here we have a strange requirement
Actually we are trying to configure B2B with DMZ in place
Our approach follows like
B2B should be within Oracle firewall and HTTP server will be in DMZ
we will open required ports on firewall to have communication between HTTP and B2B instance
Now HTTP server sits between remote TP and host B2B
To make above configuration possible
I am thinking whether it is possibe to host 'b2b/transportServlet' which comes with B2B on the HTTP server sits in DMZ
Any ideas would be great and helpful
Thanks
-PraveenBut Ramesh
Our main intention is not high availability configuration fro B2B
Its just connecting to B2B(in Firewall) from OHS(in DMZ)
After going through the doc what I understood is
Whole components should be in Active-Active topology
For this to happen we need atleast 2-mid tiers running B2B instances
Obviously which we are not having
Thanks
-Praveen -
i stopped http server through oem.
but i can still visit the application through host name.
but failed through ip.
that is,eg:
http://oracle-as succueed
http://192.168.191.31 failed
above the "oracle-as" is my host name.
i use command line: ps -ef | grep http
no such process id
is anyone had met such situation?Have you installed MKS Toolkit ? This is a requirement for R12 install on Win 2003. Pl see ML Note 402311.1
Srini -
Move apex to another http server "Error on Page"
Hi,
I runing apex 2.2 on an oracle http server, but now I have installed collaboration suite on the same server and want to move my apex. Can't get it working the browser says "Error on page", the login button is not working and strange fonts.
I hade moved image directory and created the marvel.conf + included in http.conf.
http error log shows entries:
File does not exist: /oracle/product/ocs_app/Apache/Apache/htdocs/calendar/images/javascript/htmldb_html_elements.js
but my marvel.conf has:
Alias /i/ "/oracle/product/http/Apache/Apache/images/"
Have tried to copy images also to /oracle/product/ocs_app/Apache/Apache/htdocs/calendar/ the errors disappears from log file but browser still shows “Error on Page”
Can anyone help, please?Hi Praveen,
Looks like a Reverse Proxy solution where you have one HTTP server in DMZ and one behind the firewalls. Please check Apache docs for Reverse Proxy. You can also use Web Cache for this purpose, or use a Hardware Load Balancer.
Regards,
Martin -
No records in titl block when running in application server
hi all,
i am facing problem when running forms in application server. the error msg whcih is coming is FRM-41092: No Records in block TITL.
can any one help pls.....
Regards
Nateshhow about - directly after querying the master record...
go_block(<block>)
if :blk.key (or :blk.rowid) is null then
SET_ITEM_PROPERTY('<buttonname>',enabled, property_false); -
Pricing condition is blocked when editing another
Hello experts,
I'm experiencing an issue and would like your feedback.
I created 2 pricing conditions for the same Condition type (PR00) and same combination key (see below)
MANDT
KAPPL
KSCHL
VKORG
VTWEG
KUNNR
MATNR
KFRST
DATBI
DATAB
KBSTAT
KNUMH
100
V
PR00
NL45
1
15943
SI_REN
31.12.9999
24.07.2014
1752042
100
V
PR00
NL45
1
15943
SI_TRC_TON
31.12.9999
24.07.2014
1752043
If the first record is being edited via VK12 and we try to edit the second one by another session or even by another user, the system gives the message VK083 'Conditions for the selection entered are blocked".
Even with same combination, the material code selected is different. Should'nt the system allow to edit the second record? is this the standard SAP behaviour?
looking forward to receive your comments
Fatimais this the standard SAP behaviour?
Yes it is a standard behaviour as system would lock the entry for the header of the selection screen. Ideally, if at all you want to change any existing condition record, the same to be done ONLY via VK11 and not via VK12.
G. Lakshmipathi -
Error in event lod in Windows when starting Apache HTTP Server
Hi
I get the following error when I start Apache:
The Apache service named Apache.exe reported the following error:
[Thu Jan 24 15:38:04 2002] [error] (2)The system cannot find the file specified: RegQueryValueEx(key System\CurrentControlSet\Services\OracleWebCoreHTTPServer\Parameters) <<<before the error.log file could be opened.
More information may be available in the error.log file. .
There is no more info in the error.log and that key in the registry points to the http.conf file and it is the correct path, any ideas why I get this
cheers
RobertI got the answer: the network path of My Documents contains '$' sign which is not allowed by Windows Installer.
Thank you all for reading this. -
Hi all,
My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
for 120 seconds. This causes Weblogic to timeout after a while. The error I get
is as follows:
<Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
at java.net.Socket.<init>(Socket.java:273)
at java.net.Socket.<init>(Socket.java:127)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
at weblogic.net.http.HttpClient.New(HttpClient.java:149)
at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
t.java:285)
at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
>
I get the same error when I added the following plug-in configuration parameters
(in obj.conf):
ConnectTimeoutSecs="170" ConnectRetrySecs="170".
What do I need to do to extend this timeout? Any help you can provide will be
greatly appreciated..
Thanks
ManishHi all,
My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
for 120 seconds. This causes Weblogic to timeout after a while. The error I get
is as follows:
<Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
at java.net.Socket.<init>(Socket.java:273)
at java.net.Socket.<init>(Socket.java:127)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
at weblogic.net.http.HttpClient.New(HttpClient.java:149)
at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
t.java:285)
at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
>
I get the same error when I added the following plug-in configuration parameters
(in obj.conf):
ConnectTimeoutSecs="170" ConnectRetrySecs="170".
What do I need to do to extend this timeout? Any help you can provide will be
greatly appreciated..
Thanks
Manish -
Solved!!Error when starting HTTP Server
Hi againg
When restarting the HTTP Server I receive the following error
HTTP Server. Using Web Configuration View
JVM: Java Virtual Machine initialized
HTTP Server: Java Virtual Machine Loaded
DSAP Filter SAP Ticketcerifier V2.5.2 PRE-RELEASE for Lotus Domino R6 only initializing
Cannot find NOTES.INI variable MySapDebug, Debug is turned off
Using NOTES.INI variable MySapPsePath = c:\domino\sap\verify.pse
Cannot find NOTES.INI variable mySapView. Using default settings:$Users
Cannot find NOTES.INI variable MySapSuppressEmptyTicketWarning. Default is used (warning messages are written to the log)
DSAP Filter SAP Ticketverifier V2.5.2 PRE-RELEASE for Lotus Domino R6 only started
HTTP Server: DSAPI SAP Ticketverifier V2.5.2 PRE-RELEASE for Lotus Domino R6 only Load successfully
Servlet engine initialization was successful
SAP Ticketverifier: invalid ticket
SAP Ticketverifier Message: falling back to Lotus Domino Authentication
HTTP Server Started
SAP Ticketverifier: invalid ticket
SAP Ticketverifier Message: falling back to Lotus Domino Authentication
SAP Ticketverifier: invalid ticket
Opened the NOTES.INI file and started to look for the variables of mySapView, and MySapSuppressEmptyTicketWarning, but they are not presented in this file
Need help to start looking for error
Regards
Kay-Arne
Message was edited by: Kay-Arne AarlieThere are several ways to do this, but for best results on a single installation (versus many), manually add and configure the following SAP TV variables in Notes.ini. Remember to leave a single blank line at the end of the file (a known issue with the last variable not being read):
<b>;===Custom Start===
MYSAPPSEPATH=<your path info goes here>\verify.pse
MySapDebug=<True or False>
MySAPVIEW=<the custom view name, if one is used>
MySapSuppressEmptyTicketWarning=<True or False>
;===Custom End===</b> -
Web calendar interfase not started when starting http server
Hi, I installed CS succesfully, the calendar server is working fine.
My problem is that the web interfase is not started when starting the HTTP server.
I checked the log files of the http server and I saw this:
[Thu Jan 9 19:13:50 2003] [warn] [client 144.23.48.238] FastCGI request processing timed out
[Thu Jan 9 19:15:19 2003] [notice] SIGHUP received. Attempting to restart
[Thu Jan 9 19:15:23 2003] [error] (2)No such file or directory: FastCGI: access for server (uid -1, gid 501) failed: read not allowed by group
[Thu Jan 9 19:15:23 2003] [notice] FastCGI: process manager initialized (pid 6897)
[Thu Jan 9 19:15:23 2003] [warn] FastCGI: server "/u01/oracle/product/CS9.0.3/CSMT/Apache/Apache/fcgi-bin/owc/lexacal.fcgi" started (pid 6898)
[Thu Jan 9 19:15:23 2003] [warn] FastCGI: server "/u01/oracle/product/CS9.0.3/CSMT/Apache/Apache/fcgi-bin/echo" started (pid 6899)
[Thu Jan 9 19:15:24 2003] [notice] Oracle HTTP Server/1.3.22 (Unix) mod_plsql/9.0.2.0.0 DAV/1.0.2 (OraDAV enabled) mod_osso/9.0.2.0.0 mod_oc4j/3.0 mod_ossl/9.0.2.0.0 mod_fastcgi/2.2.12 mod_perl/1.26 configured -- resuming normal operations
[Thu Jan 9 19:15:24 2003] [notice] Accept mutex: fcntl (Default: fcntl)
[Thu Jan 9 19:15:34 2003] [warn] FastCGI: s[i]Long postings are being truncated to ~1 kB at this time.Hi Gonzalo,
You will have to report this problem to the Oracle Support organization.
They will most probably want to see your web configuration file, the httpd.conf, as well as the appropriate logs.
thanks,
Jean-Marc Robillard
Product Management -
Intermedia Database Agent and HTTP Server
I have intermedia web agent 8.1.5.4 running on nt sp6. i am
trying to have a username and password in the database agent for
uploading and retrieving files.
this works when i use IIS 4.0, however it does not work when i
use HTTP server. it will ask for username and password.
here is the database agent description
service = oracle
database_user = icras2
database_password = <password>
authorized_request_class = clipboard
authorized_sql_statements = any
authorized_sql_procedures = *
display_name = icras2
authentication_realm_name = icras2
retrieve_database_agent
upload_database_agent
clipboard_user = icras2
Thanks
MelissaI think it would be helpful if you described the reason that you would like to do this.
I know that in some environments the powers that be will not install Apex on the database server.
In such an environment you could create a local Oracle instance and install Apex yourself and access
the database containing the data via dblinks. You'd have to be careful if you are processing lots of data
in such a setup.
I saw another response to your post and it looks like the person that responded assumed that you would install
apex into the daabase that keeps all the data. However, if ypur administrators will not install Apex (and I have
come across this) then you cannot follow that advice. -
Installation of the VeriSign digital certification in Oracle HTTP Server
I am not obtaining to generate to the pair of keys and the CSR in Oracle HTTP Server, will have some tip I is thankful.
Thanks
LeandroHi Leandro,
Here are some steps to setup digital certificates into Oracle HTTP Server for Unix.
1. The temporary working directory is /u01/tmp/myssl.
2. The contents of <9iAS_HOME>/Apache/open_ssl/bin have been copied to the
temporary working directory created in Assumption #1.
3. SSL file names are priv.key (private key), certreq.csr (certificate request),
and cert.crt (SSL certificate). The actual SSL certificate file could be
named other than 'cert.crt'.
4. By default, SSL is configured using port 443, which requires ROOT access to
start the web listener.
If you want to change this from the default port, you will need to change
the following two parameters in the httpd.conf file to an unused port number:
Listen 443
<VirtualHost default:443>
5. All necessary UNIX environment variables are set correctly for your Oracle
product before implementing these procedures.
6. User must be familiar with UNIX concepts like shell navigation, UNIX
environments, file manipulation/search, file copy/backups, etc.
How to Request and Configure an SSL Certificate for Oracle9i Application Server
Step-by-Step Instructions:
1. Change your present working directory to the temporary working directory, e.g.,
/u01/tmp/myssl. Ensure the contents of <9iAS_HOME>/Apache/open_ssl/bin have
been copied into this temporary working directory.
2. Copy 5 large files, each at least 250KB, into your temporary working directory.
Suggest looking in any /bin directory for large sized binary files. Execute
the following command to generate the random character file:
% openssl md5 * > rand.rnd
3. Execute the following command to generate the private key (priv.key):
% openssl genrsa -rand rand.rnd -des3 1024 > priv.key
- when prompted, enter a "PEM pass phrase" password
- re-enter password when prompted to verify password
-- remember the pass phrase password you entered
- this command generates the priv.key file and associated pass phrase
- set permissions on the priv.key file to prevent unauthorized editing
% chmod 400 priv.key
- backup the priv.key file to a secure location
NOTE
The PEM pass phrase must be at least 4 characters in length. Remember this
pass phrase, you will be prompted to enter it in the next step and each
time you start up the Oracle HTTP Server (OHS) in SSL mode.
Optionally, you can unencrypt the value of the private key, so that you
will not be prompted for the PEM pass phrase every time you start up OHS
in SSL mode.
To unencrypt the private key, execute the following two commands (Note:
ensure file permissions set to r+w):
% cp priv.key priv.key.bak
% openssl rsa -in priv.key.bak -out priv.key
- the demo certificate shipped with Oracle9iAS does not require a pass
phrase to start OHS in SSL mode.
- on UNIX, to generate the certificate request and start OHS in SSL mode,
the pass phrase must be entered, unless you executed the above steps
to unencrypt.
- on Windows NT/2000, if a certificate is used that has a pass phrase,
the OHS will hang; therefore, on Windows NT/2000, you must execute
the steps to unencrypt.
4. Execute the following command to generate an SSL certificate request
(certreq.csr) based on your private key.
% openssl req -new -key priv.key -out certreq.csr -config openssl.cnf
- when prompted, enter the "PEM pass phrase" set when the private key
was created.
- when prompted, enter the requested fields that make up the
Distinguished Name.
-- each entry must be valid information, i.e., email, state, location, etc.
- when prompted for the "Common Name", you MUST enter the fully
qualified name which will be accessed via client browsers; e.g.,
if clients will use:
https://mysite.domain.com
-- then, you must enter mysite.domain.com as the "Common Name"
- the requested 'extra' attributes, i.e., "challenge password" and
"optional company name", are OPTIONAL; just hit ENTER to use NULL values.
5. You should now have the private key and certificate request files (priv.key
and certreq.csr) in your temporary working directory.
NOTE
At this point, you can use your certificate request file 'certreq.csr' to
order a valid SSL certificate from any CA-vendor, e.g., Verisign.
After you receive your SSL certificate, skip to Step #6 for instructions
on how to deploy your SSL files.
OPTIONAL
You can start 9iAS in SSL mode (see Step #12) and test the pre-installed demo
certificate and private key included for testing purposes.
It is a good idea to test to be sure the Oracle HTTP Server SSL mode works
successfully before deploying your new SSL certificate. To try these demo
files, access the 9iAS index page in a browser using the HTTPS protocol and
the appropriate SSL Listen port. URL format:
https://myhost.domain.com:<ssl_port>
The user will see a Security Alert (IE), or New Site Certificate (Netscape)
warning message, click Continue/Next to accept.
OPTIONAL
To create a self-signed certificate, execute the following commands:
(csh) % setenv RANDFILE rand.rnd
<sh or ksh> % export RANDFILE=rand.rnd
% openssl x509 -req -days 30 -in certreq.csr -signkey priv.key > tempcert.crt
- when prompted, enter the "PEM pass phrase" set when the private key was created.
- this command generates a temporary self-signed certificate file 'tempcert.crt'
valid for 30 days, which can be used while awaiting a valid SSL certificate
purchased from an authorized CA-vendor.
- if this option is used, after generating the 'tempcert.crt' file, skip to
Step #6 for instructions on how to deploy your SSL files.
OPTIONAL
These steps are specifically for requesting a TRIAL certificate from the
CA-vendor Verisign.
- Go to www.verisign.com and click on "Free Guides and Trials" link and
follow instructions to request a "Free Trial SSL ID". During this process,
you will be asked to provide certificate request information.
- Open the 'certreq.csr' file using your text editor of choice.
- Starting with "-----BEGIN NEW CERTIFICATE REQUEST-----" copy all lines
including the BEGIN and END of certificate lines.
- Paste this copied data into the Verisign page where requested and continue.
- You will see the Verisign web site decode your certificate request
information. This decoded information is presented to you to verify it is
correct. If it is, then continue with the process.
- You will be presented with another set of questions from Verisign. Be sure
to answer with the correct email address, as this address will be used to
send your SSL certificate.
- After you answer all these questions, you will be sent a TRIAL 14-day
SSL certificate via email.
- WARNING! You must follow this step carefully, you cannot copy and paste
information from an email to a new text file. After you get your TRIAL
certificate, save the entire email message to a text file. Open this file
using your text editor of choice. You will see the email address header
information and the line:
-----BEGIN CERTIFICATE-----
- Delete all text that appears before the -----BEGIN CERTIFICATE----- line.
The modified file should contain only certificate information. After you
delete the email header, save this text file inside your temporary directory
with the filename 'trialcert.crt'.
6. Now you are ready to configure Oracle9i Application Server (9iAS) with your
SSL certificate files.
7. Back up your existing <9iAS_HOME>/Apache/Apache/conf/httpd.conf file.
8. Open the httpd.conf file with your text editor of choice.
9. Edit the following httpd.conf directives to use your generated private key
and SSL certificate file, which could be the filename for either the
temporary self-signed certificate, the TRIAL test certificate, or the
purchased valid certificate. The information following the # symbol are
comments.
NOTE
The directory of the SSL files (private key and certificate file)
can reside in any location you choose. The temporary working
directory will continue to be referenced in these procedure steps.
# use the appropriate (i.e., valid, temporary, or trial) certificate filename
SSLCertificateFile /u01/tmp/myssl/tempcert.crt
#private key from Step #4 above:
SSLCertificateKeyFile /u01/tmp/myssl/priv.key
10. Save your modified httpd.conf and exit the text editor.
11. Log in as authorized user (if default ports 80 and 443 are used, ROOT user
must execute commands in next step).
12. Execute the following command to stop, then start Apache in SSL mode
(ensure proper UNIX environments are set; else, execute command from
<9iAS_HOME>/Apache/Apache/bin.)
For Oracle8iAS 1.x:
% httpdsctl stop
% httpdsctl startssl
For Oracle9iAS 1.0.2.x:
% apachectl stop
% apachectl startssl
- when prompted, enter the "pass phrase" created in Step #3.
-- not required if you unencrypted the private key file
- when the Oracle HTTP Server starts successfully in SSL mode, access the
9iAS index page in a browser using the HTTPS protocol and the appropriate
SSL Listen port. URL format:
https://myhost.domain.com:<ssl_port>
- if using a temporary self-signed or TRIAL test certificate, the user will
see a Security Alert (IE), or New Site Certificate (Netscape) warning message,
click Continue/Next to accept.
====================
I hope this help !!
Ilan Salviano
Maybe you are looking for
-
I am having a problem starting the Oracle Listener after a system crash on Windows NT. However, if I first connect to the internet and then try to restart, everything works ok. Why should I have to connect to the internet with my laptop in order to s
-
Mail will not open from dock and wont allow me to shut down, Help?
My mail will not open from the dock and if I try and close my computer it is prevented by the application mail being open. Help please.
-
Hi, SharePoint 2013 help system at: http://office.microsoft.com/client/15/serverhelp/results?qu=List&products=WSSEndUser&lcid=1033&SYSLCID=1033&UILCID=1033&Version=15 seems to have broken. Can moderator please report the issue to Microsoft? Thanks, t
-
Hi, We have NW 7.3 installed on Windows server 2003/Ms sqlserver 2005. The license we had expired and got a new licenses for both ABAP(sid = NWA) and Java (sid = NWJ). For ABAP, i applied through SLICENSE by loggin in as SAP*. But for Java, we cant s
-
Mavericks calendar travel time
There is a bug when I play with the travel time in Calendar. I select a travel time of 30 minutes for one event. Then I change it to "none" or 1 hour. I click apply. A few seconds later the travel time goes back to 30 minutes. No matter how many time