Register for Apps DBA Training
For Apps DBA Beginner's
  • Start From Here
  • Order of Apps Study
  • 11i Software
  • Apps Architecture
  • Install Apps 11i
  • Install Apps 11i Part II
  • Startup/Shutdown
  • Request Flow in Apps
  • Various TOP's
  • Cloning Basics
  • Cloning I
  • Cloning II
  • Autoconfig Basics
  • Autoconfig Config File
  • Template Files in Autoconfig
  • Discoverer Overview
  • Workflow Mailer in Apps
  • Printing Overview
  • Configuring Printers
  • Pasta Printing
  • Performance Overview
  • Install 10g Application Server
  • Apps DBA Certification
  • Common DBA Topics
  • Scared of RAC ?
  • Install RAC on your laptop part I
  • Step by Step build RAC part II
  • Step by Step install RAC using VMWare part III
  • Install Oracle RAC Database part IV
  • oraInventory Basics
  • Install Database 10.2.0.1
  • Upgarde DB to 10.2.0.2
  • Fusion
  • Is Fusion a conFusion ?
  • Fusion Middleware Overview I
  • Fusion Middleware Overview II
  • Application Integration Architecture
  • SOA Install Part I
  • SOA Install Part II
  • SOA Install Part III
  • Install BPEL Process Manager
  • Apps Integration OID/SSO
  • Management Qs for Apps Integration with SSO/OID
  • 25 things your DBA should know for Apps/SSO integration
  • Identity Management
  • COREid Overview
  • Oracle COREid or Idm & Access Mgmt overview
  • Installing Access Manager 10.1.4
  • WebGate request flow
  • Identity Manager Architecture
  • Installing Identity Manager
  • OAS-SSO Overview
  • OID Overview
  • OID Basics II
  • OID Cluster
  • OID Integration with Other LDAP Servers overview
  • Integrate OID with AD I
  • OID Replication Overview
  • Multi Master OID Replication
  • Migrate OID/SSO to new Host
  • Apps R 12
  • Socket or Servlet in R12
  • Startup/Shutdown Scripts in R12
  • Unified APPL_TOP
  • Apps R 12.0.1
  • Difference between 11i & R12 Technical
  • Prepare for R12 Installation
  • Install VMWare on Windows for Linux Install
  • Install Linux for Apps R12 Install
  • Install Apps R12 on Linux Virtual Machine
  • R12 Upgrade & database
  • R12 Fils System Changes
  • R12 Release Date
  • 10g Application Server
  • 10g AS Overview
  • Installing 10g AS
  • Start/Stop 10g AS
  • Web Cache Basics
  • Single Sign-On Overview
  • OID Overview
  • Cloning 10g AS
  • 10g AS Middle tier Cloning & Overview
  • OID Cluster Imp. Points
  • CPU Patch, Infra Tier
  • CPU Patch, Middle Tier
  • AS Guard / DR Overview
  • Oracle Apps 11i
  • My Site
  • Apps DBA Scripts
  • Apps DBA Interview Q's
  • 11i JVM's
  • Apps Training in India
  • 11i Health Check
  • Good Metalink Notes
  • About Me  
  • For Advanced Apps DBA
  • URL Firewall in DMZ Setup
  • Upgrade Apps to 11.5.10.2
  • Load Balancer Overview
  • Load Balancer Config
  • HTTP layer Load balancing in Apps 11i
  • Dataguard Overview
  • Configure Dataguard / Standby database
  • Standby Site for Apps 11i
  • How to change Hostname on Apps Instance
  • SSL Overview in Apps
  • Configure SSL to Web Server
  • Key Points for SSL in Apps
  • Reduce Patch Timing
  • Reduce Patch Timing II
  • Shared APPL_TOP Overview
  • Configure Shared APPL_TOP
  • 11i Database Upgrade I
  • 11i Database Upgrade II
  • Change Session TimeOut
  • Patching
  • Apps Patch Basics
  • Apps Patch Basics II
  • Apply Apps Patch
  • CPU Overview
  • Steps to Apply CPU Patch
  • CPU Patch on Infra Tier
  • CPU Patch on AS Middle Tier
  • Troubleshooting
  • Web Server TS Part I
  • Web Server TS Part II
  • CM Troubleshooting
  • 10g Discoverer with Apps
  • Discoverer Bascis in Apps
  • Discoverer 10g Upgarde Basics
  • Discoverer 10g Configuration Steps with 11i
  • Collaboration Suite
  • Collaboration Suite
  • Calendar Overview
  • Sync Calendar from Mobile I
  • Sync Calendar from Mobile II
  • OCS Mail Architecture
  • Apex / HTMLDB
  • Install Apex 2.2
  • Apex with SSO part I
  • Apex with SSO part II
  • SSO Authentication Schemes
  • Certification
  • Possible Certifications for DBA
  • Apps DBA Certification
  • 1Z0-311-OCA-10g OAS Overview
  • 1z0-312-OCP-10g OAS Overview
  • 1z0-312 - Managing Customization and Topology
  • 1z0-312 - Cloning and Staging OAS
  • Apps DBA Jobs
  • Working / Apps DBA in UK
  • Oracle Recruiting Apps DBA's
  • Apps DBA Jobs Updated Regularly
  • Apps Job at Satyam
  • Useful Links
  • Good Metalink Notes
  • petefinnigan's Oracle Security
  • Linux Basics
  • Atul Mehta's Oracle Links
  • Others
  • Apps DBA Training Institute
  • 1 Year Journey of this Blog
  • How To ?
  • Change APPS Password
  • Preserve Customizations
  • Blog Roll
    Apps / E-Business Suite
  • Steven Chan Apps
  • Anil Passi Technical
  • Fadi Apps DBA
  • Senthil Apps DBA
  • Bas Klaassen EBS DBA
  • Sam Apps DBA
  • Black Geek Apps DBA
  • Bandari Apps
  • Vikram ERP Architect
  • OraBiz
  • Eric Core DBA
  • SOA
  • Navdeep Saini Apps DBA
  • tugdualgrall Web Services
  • Mohan Dutt's Apps Certification
    IdM
  • Nishant Kaushik's IdM
  • Nulli Blog, OAM
  • Identity Musing
  • Identity nd Access Management
    Core DBA
  • Vidya Bala DBA
  • Sabdar DBA
    Data Management
  • Ivan Pellegrin Data Management


  • We have moved to http://onlineAppsDBA.com kindly check http://onlineAppsDBA.comin future
    Winding Up SSL Implementation in Oracle Apps 11i
    Tuesday, October 31, 2006
    Register for R12 upgrade
    Today I am winding up SSL configuration in Apps with explanation, Check Previous Post on SSL at

    Overview of SSL in Apps http://becomeappsdba.blogspot.com/2006/10/overview-of-ssl-in-oracle-applications.html
    Overview of SSL in Apps Web Server http://becomeappsdba.blogspot.com/2006/10/configure-ssl-or-https-for-oracle-apps.html

    SSL Configuration on Web Server broad level Steps
    1.1 Create Certificates Using openssl (You can try OWM Oracle Wallet Manager as well)
    1.2 Change Context File parameters mentioned in previous post mentioned above
    1.3 run Autoconfig
    1.4 Test Application

    For detailed stesp by step guide for implementing SSL on E-Business Suite follow Metalink Note # 123718.1 11i: A Guide to Understanding and Implementing SSL for Oracle Applications
    Above note covers SSL for Web Server , Form Server & Database Server , In typical Implementation you can configure SSL just to web server Node.

    Few Important Note/Points w.r.t. SSL

    SSL with Multiple Middle Tier
    1. If you have multiple middle tier like server1, server2 ..serverN with load balancer infront of them & assume load balancer & assume that you access your apps via URL http://teachmeoracle.com which means ServerName in httpd.conf will have value teachmeoracle.com and while generating SSL under create CSR (Certificate Signing Request)phase Common Name should be same as ServerName in httpd.conf
    2. You can use same Certificates as long as ServerName in httpd.conf are same

    Cloning SSL Instances
    If you are cloning already configured SSL to Target Instance, you need to create new Certificates on Target Instance. If target Instance was previously configured with SSL before cloning take a backup of SSL certificates (By Default certificates are in $IAS_ORACLE_HOME/Apache/Apache/certs/apache ssl.crt & ssl.key) and replace them after cloning.

    If you are not sure about location of Certificates , check following directive in Context File ( *.xml file )
    web_ssl_directory
    web_ssl_keyfile
    web_ssl_certfile
    web_ssl_certchainfile

    Performance with SSL
    Yes, there be little bit performance degradation with SSL as server take some time to encrypt & decrypt messages/packets between Client & Server but there will not be big performance degradation. If you can't afford performance hits because of SSL you can use
    SSL Accelerators

    Related Links
    123718.1 11i: A Guide to Understanding and Implementing SSL for Oracle Applications
    http://becomeappsdba.blogspot.com/2006/10/overview-of-ssl-in-oracle-applications.html
    http://becomeappsdba.blogspot.com/2006/10/configure-ssl-or-https-for-oracle-apps.html

    Post your comments on how you find this document ...
    Was this useful ? Should I explain in more detail or you need step by step guide
    Your Feedback & Comment is quite important in Improving Contents on this Site

    http://teachmeoracle.com/forum <- Forum Dedicated to Apps DBA's

    Labels: ,


    We have moved to

    http://onlineAppsDBA.com

    kindly check onLineAppsDBA.com in future

    add to del.icio.usdel.icio.us  ¦  digg thisDigg This  ¦  My Yahoo!My Yahoo  ¦  RedditReddit  ¦  add to BlinkListBlinkList   ¦  Furl ItFurl It  ¦  Email This Email This  ¦     Leave Your Comments
    posted by Atul Kumar @ 3:17 PM  
    8 Comments:
    • At 7:48 AM, Anonymous Vitaliy said…

      You can save yourself a lot of trouble by putting hardware Proxy/SSL-accelerator in front of your midtier.

       
    • At 7:49 AM, Anonymous Vitaliy said…

      You can save yourself a lot of trouble by putting a hardware Proxy/SSL-accelerator in front of your midtier.

       
    • At 9:28 AM, Blogger Atul Kumar said…

      Vitaliy

      Can you elaborate on trouble ?

      Yes SSL accelerator will improve performance on SSL enabled web tier but there is additioanl cost associated with SSL accelerators

       
    • At 5:57 PM, Anonymous Vitaliy said…

      Changing SSL certs every time you clone. Dealing with expired SSL certs. Dealing with SSL related security bugs.

      While ORACLE APPS has built-in SSL functionality it's not the only and not the best solution out there.

      Hardware SSL-accelerator/Proxy can do a much better job on all counts.

       
    • At 5:32 PM, Anonymous ssl247.co.uk said…

      Seems like interesting comments Vitaliy, And nice guide Atul

       
    • At 5:40 PM, Blogger Shekhar said…

      Hi Atul,

      We made our EBS as SSL enable. After SSL we are not able to book Sales order giving error "Configuration validation resulted in error(s)"
      According to me some profile is not set correct that's why its giving error. If anyone has SSL enable instance please let me what will be the value of these two:

      1)
      profile : "BOM:Configurator URL of UI Manager"

      2)
      select value from cz_db_settings where setting_id='AltBatchValidateURL';

      Now we have,

      SQL> select value from cz_db_settings where setting_id='AltBatchValidateURL';

      VALUE
      https://hostname:4443/configurator/oracle.apps.cz.servlet.UiServlet,'file:wallet_directory','password'

      Note : we have imported the certificate by wallet manager.

      Thanks in advance..
      Shekhar..

       
    • At 5:42 PM, Blogger Shekhar said…

      This comment has been removed by the author.

       
    • At 6:22 PM, Blogger DBA_LA said…

      how do I troubleshoot SIMPLE BIND FAILED error related to SSL on OID server ?

       
    Post a Comment
    << Home
     
    About Me


    Name: Atul Kumar
    Home: London, United Kingdom

    About Me: I am Independent Oracle consultant. If you wish to hire me on Contract or to Quote on project basis contact me at
    atul @ onlineappsdba.com

    See my complete profile

    View Atul Kumar's profile on LinkedIn

    E-mail Subscription

    Enter your email address:

    Delivered by FeedBurner

    Search
    Only search this Blog
    Categories
  • Advanced Topics
  • Application Server
  • Apex / HTMLDB
  • Apps 11i
  • Apps R12
  • Autoconfig
  • Basics
  • Certification
  • Cloning
  • Discoverer
  • Fusion
  • OID
  • Patching
  • Printer
  • Single Sign-On
  • Useful Sites & Forum
  • Previous Post
    Archives
    Add On
     

    Add to Technorati Favorites

     

     

    Add to Google

     

    Add to My AOL

     

    Subscribe in Bloglines

     

    Subscribe in NewsGator Online

     
    Powered by



    Hits Since 30, Jul 06

    Blog Counter

    Technology Blogs - Blog Top Sites
    Comments
    ADs
    Copyright © 2006 teachmeoracle.com All rights reserved Presented by Atul Kumar