Tuesday, February 7, 2017

Enabling SSL for Oracle SOA Managed Server

SSL or TLS is a transport level security, a de-facto standard for secured communication over web ( HTTPS) or file systems( sFTP/secure File transfers). It secures communication by providing message encryption, integrity, and authentication.


  • Authentication enables the server and client to check that the other party is who it claims to be.
  • Integrity ensures that a message sent by a client is received intact by the server, untampered.
  • Encryption provides confidentiality by allowing only the intended recipient to read the message.


For more details about this refer to http://docs.oracle.com/cd/E25054_01/core.1111/e10105/sslconfig.htm#autoId1

The below picture depicts succintly and clearly how SSL session is conducted:



Two kinds of SSL options exist -

  • One Way  
  • Two way. 

This is often misleading term with out mentioning the source and destination. One-Way usually refers to the source trying to be able to call a secured service at the destination. Two Way refers to destination also being able to consume the  secured services at the source in addition to one -way, better represented using pictures below. Source: ibm.com

To configure 2 way SSL on on Oracle SOA 11g Managed server the below are high level steps:

  1. Generate public key/ private key pair in a java identity key store.
  2. Generate either  
  3. Copy the self signed certificate to trust keystore.
  4. Add the third party certificates ( root/intermediate) into the trust storeModify the setDomainEnv.sh to refer to correct trust store.
  5. Refer to the above custom identity and trust stores from SOA managed server in weblogic.
  6. Enable SSL on a port.

The detailed steps for the same are clearly mentioned in the below posts:

5 comments:

  1. This comment has been removed by a blog administrator.

    ReplyDelete
  2. This blog explains the details of most popular technological details. This helps to learn about what are all the different method is there. And the working methods all of that are explained here. Informative blog.For more details about oracle fusion financial please check our website.

    Oracle Fusion Financial Training Institute

    ReplyDelete
  3. I really appreciate information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in Oracle 11g Fusion Java Programming, kindly contact us http://www.maxmunus.com/contact
    MaxMunus Offer World Class Virtual Instructor led training on Oracle 11g Fusion Java Programming. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 100000+ trainings in India, USA, UK, Australlia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain and UAE etc.
    For Demo Contact us.
    Nitesh Kumar
    MaxMunus
    E-mail: nitesh@maxmunus.com
    Skype id: nitesh_maxmunus
    Ph:(+91) 8553912023
    http://www.maxmunus.com/



    ReplyDelete
  4. I would like to thank you for the efforts you have made in writing this article. I am hoping the same best work from you in the future as well. Your write up is a fine example of it.For additional information please visit our website.

    Oracle Fusion Financial Training

    ReplyDelete