Forum Stats

  • 3,853,838 Users
  • 2,264,283 Discussions
  • 7,905,465 Comments

Discussions

EM12c Configuring AD with SSL certificate

Hi all,

First off, I am just a lowly Oracle DBA with minimal Weblogic experience, so please consider that when reviewing my question and posting a reply (if any).

I have installed EM12c, one database server, one application server. I want to integrate the application with an LDAP server, Microsoft Active Directory (I don't have a choice!). I have been following the documentation at https://docs.oracle.com/cd/E24329_01/web.1211/e24422/atn.htm#SECMG539

However, this afternoon I managed to break my admin server console after I tried to change the keystore from Demo to Custom - I managed to restore my ./gc_inst directory and restart all the services. So I am back to square one, the documentation isn't very helpful, at least to a DBA trying to configure the admin server!

Has anyone done this? Is there a Walkthrough anywhere? From the documentation, it's not clear to me whether I should be changing the keystore for EMGC_ADMINSERVER or EMGC_OMS1 or both!

Here is what I have done so far:

                  i) Create a directory on the application server to hold the keystore

mkdir –p $WL_HOME/keystores

cd $ WL_HOME/keystores


ii) Create the keystore:

keytool -import -keystore ./ldapTrustKS -trustcacerts -alias oidtrust -file /dbasw/certificates/NETACPTCert.cer -storepass TrustKeystorePwd –noprompt

Certificate was added to keystore

                  

                 iii) Navigate to both EMGC_ADMINSERVER and EMGC_OMS1, configuration > keystores > Lock and Edit > Change the drop down menu from Demo ID and Trust to Custom ID and                      Trust, complete the fields below.

But I can't get it to work!

This is a test system, so I have unashamedly copied the keytool command directly from the manual - once I have confirmed it working I will change the password!

I Appreciate people taking the time to read this.

Thanks,

Tagged:
This discussion has been closed.