Its because browsers have stricter security these days and specifically disable SSLv3 support in favour of TLS1.1+
The 126.96.36.199 version of Oracle products only do SSLv3 and TLS1.0, thus the browsers will refuse to handshake with them unless you do hacks like the one you have done.
The 188.8.131.52 version of Oracle products support TLS1.1+, so if possible/available upgrade to that version. There are also some security patches on top of 184.108.40.206 for some products that will allow TLS1.1+.
You should also use a keysize of 2048 instead of 1024.
And one last question. We use a reverse proxy in front of the OBIEE server, in order to redirect external requests.
Now , I want to buy a digicatil certificate from Thawte. There is this question:
Website URL to secure:
¿Do I have to write the URL published to Internet in the reverse proxy, or the internal URL of the OBIEE Server?
The external internet facing one.
in the moment to create a certficate pair using keytool, I was asked with this question:
keytool -genkey -alias parex_cert -keyalg RSA -keysize 1024 -validity 1020 -keypass parexcert -keystore identity.jks -storepass parexcert
What is your first and last name?
and I wrote the full qualified name of the OBIEE server. ¿So....Should I also write the name published on the Internet instead of the OBIEE Server?