Kevin Kempf's Blog

December 31, 2009

SSL & Servlet

Filed under: 11i, Techstack — kkempf @ 1:45 pm

ssl

I just realized that something which I had put in draft in September was still sitting in draft today… the information is still valid…

Pursuing the goal of moving my 11i Ebusiness Suite techstack forward, last weekend I cut over the application server to use SSL and Forms Servlet.  This has been a long time coming, but really it just ended up being a few edits to the context file, landing the certificates on the server and running autoconfig.  This information is based upon 123718.1 and it’s worth noting that forms socket won’t support Native Java with SSL (290807.1).

SSL

  • First, land the certificates into $COMN_TOP/admin/certs/apache (cp -R)
  • Context file edits
  • set the %s_url_protocol variable to https
  • set the %s_local_url_protocol variable to https
  • set the %s_webentryurlprotocol variable to https
  • set the %s_frmConnectMode variable to https
  • set the %s_webssl_port variable to the Apache SSL port required
  • set the %s_active_webport variable to the same value as that for the %s_webssl_port variable
  • set the %s_webport variable to the same value as that for the %s_webssl_port variable
    Note: prior to  TXK (FND) AutoConfig Template Rollup Patch F (3104607   December 2003) this value was set to the non-ssl Apache Port.

  1. set the %s_web_ssl_directory variable to point to the full directory path of the directory that is to contain the .crt and .key files that you are using for Apache eg <$COMMON_TOP>/admin/certs/apache
  2. set the %s_web_ssl_keyfile variable to point to the server.key file that you are using for Apache eg <$COMMON_TOP>/admin/certs/apache/ssl.key/server.key
  3. set the %s_web_ssl_certfile variable to point to the server.crt file that you are using for Apache eg <$COMMON_TOP>/admin/certs/apache/ssl.crt/server.crt
  4. set the %s_web_ssl_certfile variable to point to the ca-bundle.crt file that you are using for Apache eg <$COMMON_TOP>/admin/certs/apache/ssl.crt/ca-bundle.crt
  5. set %s_apps_portal_url variable to https
  6. set s_forms_servlet_serverurl to /forms/formservlet
  7. set s_forms_servlet_comment to <null>
  8. s_f60map, s_chronosURL, s_external_url to https from http

run AutoConfig

Forms Servlet

Context file changes:

  • <forms_connect oa_var=”s_frmConnectMode”>https</forms_connect>           or http
  • <server_url oa_var=”s_forms_servlet_serverurl”>/forms/formservlet</server_url>
  • <servlet_comment oa_var=”s_forms_servlet_comment”/>          or <servlet_comment oa_var=”s_forms_servlet_comment”></servlet_comment>

Run autoconfig

Advertisements

Blog at WordPress.com.