| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> The way how to configure OpenSSL to be CA and sign certificate requests acceptable by Oracle Application Server [SOLUTION]
Hello List,
I have found that it isn't obvious how to configure openssl in the way
acceptable by Oracle Application Server (Imported in to a Wallet).
Default OpenSSL configuration doesn't work.
I decided to publish that information because believe it can be used
by somebody else.
It is excellent way to test you SSL enabled configuration for proving
concepts without buying certificates from comercial parties or using
short term trials.
# 1. OPEN SSL Setup CA
mkdir -p $ca/demoCA # $ca any dir where you would like to store CA
cd $ca
echo randomized_string > .rnd
touch demoCA/index.txt
cp $openssl_home/openssl.cnf .
export OPENSSL_CONF=$ca/openssl.cnf
# 2. OPENSSL Create CA
$openssl_home/bin/openssl req -new -x509 -keyout cakey.pem -out
cacert.pem -days 10000
# 3. OWM Generate Wallet + CRequest.csr
# 4. OPENSSL Sign CRequest
export OPENSSL_CONF=$ca/openssl.cnf
$openssl_home/bin/openssl x509 -req -in CRequest.csr -CA cacert.pem
-CAkey cakey.pem -CAcreateserial -days 365 > CRequest.crt
# 5. OWM Import Trusted CT
# 6. OWM Import CRequest.crt
# 7. OWM Save Wallet
# 8. Configure Apache (OHS) as described in Docs or Metalink
PS If you have an issue I be happy to assist. Obviously in my spare time.
Yury
+44 7738 013090 (GMT)
-- http://www.freelists.org/webpage/oracle-lReceived on Fri Apr 21 2006 - 13:55:30 CDT
 |
 |