- 17.9K All Categories
- 3.4K Industry Applications
- 3.3K Intelligent Advisor
- 67 Insurance
- 536.8K On-Premises Infrastructure
- 138.5K Analytics Software
- 38.6K Application Development Software
- 5.9K Cloud Platform
- 109.5K Database Software
- 17.6K Enterprise Manager
- 8.8K Hardware
- 71.2K Infrastructure Software
- 105.3K Integration
- 41.6K Security Software
EM12c Configuring AD with SSL certificate
First off, I am just a lowly Oracle DBA with minimal Weblogic experience, so please consider that when reviewing my question and posting a reply (if any).
I have installed EM12c, one database server, one application server. I want to integrate the application with an LDAP server, Microsoft Active Directory (I don't have a choice!). I have been following the documentation at https://docs.oracle.com/cd/E24329_01/web.1211/e24422/atn.htm#SECMG539
However, this afternoon I managed to break my admin server console after I tried to change the keystore from Demo to Custom - I managed to restore my ./gc_inst directory and restart all the services. So I am back to square one, the documentation isn't very helpful, at least to a DBA trying to configure the admin server!
Has anyone done this? Is there a Walkthrough anywhere? From the documentation, it's not clear to me whether I should be changing the keystore for EMGC_ADMINSERVER or EMGC_OMS1 or both!
Here is what I have done so far:
i) Create a directory on the application server to hold the keystore
mkdir –p $WL_HOME/keystores
cd $ WL_HOME/keystores
ii) Create the keystore:
keytool -import -keystore ./ldapTrustKS -trustcacerts -alias oidtrust -file /dbasw/certificates/NETACPTCert.cer -storepass TrustKeystorePwd –noprompt
Certificate was added to keystore
iii) Navigate to both EMGC_ADMINSERVER and EMGC_OMS1, configuration > keystores > Lock and Edit > Change the drop down menu from Demo ID and Trust to Custom ID and Trust, complete the fields below.
But I can't get it to work!
This is a test system, so I have unashamedly copied the keytool command directly from the manual - once I have confirmed it working I will change the password!
I Appreciate people taking the time to read this.