Oracle_Apps: Configure SSL at Oracle Web Server level

Share via:

URL to access E-Business Suite : http://<web server host name>.<domain>:<port number>

SSL enabled URL to access E-Business Suite : https://<web server host name>.<domain>:<port number>   which is more secure

How to find above URL in database
sqlplus apps/apps
QUERY : SELECT home_url FROM icx_parameters;

Usually data transmitted between client machine & server (Web Server on http protocol & Forms Server on Sockets ) is clear text packets.
Any one can put Packet Sniffer between Client machine & Server & can open & read all data transaction between your machine & Server (If he/she has network access)
Hacker can get your Username/Password or any sensitive data. This become critical when you have Internet access to Oracle Applications 11i (Usually Self Service Implementation)

To over come this or for more secure, we will need to implement SSL in Applications

SSL stands for Secure Socket Layer which is protocol. Data Transferred between Server & Client is Secured (Encrypted)

By default you access Applications over HTTP (Hyper Text Transfer Protocol) but after enabling SSL on web server you will access via HTTPS (Secure) . Data will be encrypted at one end & decrypted at other end.

Communication between Client & Oracle Applications happen via three components.
Oracle Web Server (Initial Connection & all self service access is via Web Server/Apache). If your Form Server is in servlet Mode then Core Applications are also accessed via Web Server (Jserv Component)
Oracle Form Server : For Core Oracle Application Access (Forms)
Database : You access web server which in turn talks to database Server via UTL_HTTP package via dad (/pls/$SID)

So You enable SSL on particular component depending on your requirement & component which is accessible over Internet & should be secured. You can Implement across all three component or only one or any two.

port 443 is standard port for HTTPS as port 80 for HTTP.

SSL Configuration on Web Server broad level Steps:

1. Create your SSL Certificates Using openssl

using  /usr/local/ssl/openssl.cnf
2. Configure SSL parameters for web server variables via OAM or by changing Context File (xml file in APPL_TOP)
s_web_ssl_directory – Directory where SSL certificates are stored
s_url_protocol – https means you are using ssl (Default is http)
s_local_url_protocol – change it to https for SSL
s_webssl_port – Apache SSL port
s_active_webport – same as s_webssl_port
s_webport – same as s_webssl_port

3. Copy SSL Certificates created in step1 above, in SSL directories
By Default certificates directories are in $IAS_ORACLE_HOME/Apache/Apache/certs/

certificates are apache ssl.crt & ssl.key

or you can find it from application context file 

cd $APPL_TOP/admin

grep -i s_web_ssl_directory SID_HOSTNAME.xml 

4. Run Autoconfig to take new parameters to take into effect
XML file of format SID_HOSTNAME.xml in $APPL_TOP/admin directory
Here is the script location
For Database tier its $ORACLE_HOME/appsutil/scripts/$CONTEXT_NAME
For Application Tier its $OAD_TOP/admin/scripts/$CONTEXT_NAME calls from $AD_TOP/bin which inturn calls from $AD_TOP/bin

Don’t forget to take backup before executing autoconfig.

5. Test Applications with SSL

SSL URL to access E-Business Suite : https://<web server host name>.<domain>:<port number>

Share via:
Note: Please test scripts in Non Prod before trying in Production.
1 Star2 Stars3 Stars4 Stars5 Stars (12 votes, average: 5.00 out of 5)

2 thoughts on “Oracle_Apps: Configure SSL at Oracle Web Server level

Add Comment