3 Replies Latest reply on Jul 3, 2018 2:59 PM by GravyKing

    question about Certificate Authority's

    GravyKing

      EBS R12.1.3 environment running on RHEL 7.

       

      A few years back we had to get a signed certificate vs the old 'self signed' certificate we were using and we went with EnTrust as our supplier as we were using them for other certificates.

      We followed this Guide:  Enhanced Jar Signing for Oracle E-Business Suite (Doc ID 1591073.1)

       

      Now we are up for renewal and finding the process to be way more complex than before:

      - The requirement is that the certificate stay on an HSM or other FIPS 140-2 level 2 certified device

      - so it involves using usb keys (Safenet HSM tokens) on a windows pc that the Linux server can access?

      - or a rack mount HSM or Cloud HSM etc. etc. WTH?

       

      I understand security and its importance but this is really seems like overkill for a company with apps that are not external facing.

       

      So just wondering:

      a) is anbody else here using EnTrust and have they gone through this?

      b) what authority are other people using to get their certificates signed?