Okay, I will be running ORDS in standalone mode as front-end to APEX 5.0.3.00.03. I was able to successfully run ORDS using the self-signed certificate option. When I tried to use a real certificate, I did these steps:
- Created a certificate signing request (CSR)
- Obtained an SSL Certificate and then created a private key using the command
- openssl req -new -newkey rsa:2048 -nodes -out external_example_com.csr -keyout external_example_com.key -subj "/C=PL/ST=Warsaw/L=Warsaw/O=Example Company/OU=Servers/CN=external.example.com"
- Ran java -jar ords.jar and answered all the questions, and got an exception
- Then I read the manual for ORDS 3.0.5, and saw I needed a DER encoded private key.
- Tried this command to create a DER-encoded private key from the external_example_com.key with the output file name of external_example_com.der
- openssl rsa -outform DER -in external_example_com.key -out external_example_com.der
- removed the params directory and reran java -jar ords.jar and answered all the questions, specifying
- Enter the path for the SSL Certificates private key:/etc/ssl/external_example_com.der
- Got an exception.
2016-06-03 16:55:36.127:INFO::main: Logging initialized @444508ms
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Provided certificate. Removing old the keystore files
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Deleted ords keystore false
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Deleted priv key false
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Deleted passfile false
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: User provided certificate.
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty readCertificate
SEVERE: Error extracting private key
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty readCertificate
SEVERE: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(Unknown Source)
at java.security.KeyFactory.generatePrivate(Unknown Source)
at oracle.dbtools.standalone.StandaloneJetty.readCertificate(StandaloneJetty.java:343)
at oracle.dbtools.standalone.StandaloneJetty.setupSSL(StandaloneJetty.java:511)
at oracle.dbtools.standalone.StandaloneJetty.start(StandaloneJetty.java:216)
at oracle.dbtools.standalone.Standalone.execute(Standalone.java:438)
at oracle.dbtools.cmdline.DefaultCommand.execute(DefaultCommand.java:134)
at oracle.dbtools.cmdline.Commands.execute(Commands.java:193)
at oracle.dbtools.cmdline.Commands.main(Commands.java:154)
at oracle.dbtools.cmdline.Commands.main(Commands.java:346)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at oracle.dbtools.jarcl.Entrypoint.main(Entrypoint.java:58)
Caused by: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
at sun.security.rsa.RSAPrivateCrtKeyImpl.(Unknown Source)
at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(Unknown Source)
at sun.security.rsa.RSAKeyFactory.generatePrivate(Unknown Source)
... 15 more
I tried also encoding the public certificate too, and also got an exception.