How to Change the Communication Mode Between the WebGate and Access Server to Cert in Oracle Access Manager (OAM) 11g/12c
(Doc ID 1384928.1)
Last updated on OCTOBER 14, 2020
Oracle Access Manager - Version 220.127.116.11.0 and later Information in this document applies to any platform.
How to change the communication mode between the WebGate and Access server to cert for the Oracle Access Manager (OAM) 11g/12c product?
To accomplish this task you will need to generate, manipulate, import, and copy the base of the following files, using various tools (openSSL, keytool) and formats (.pem,.der).
key - key created during the creation of the certificate request cert - certificate returned from the CA based on the submitted request chain â rootCA/subCA certificate that is trusted by the certificate
In the end, there will be 6 resulting files. Three files (two .der and one .pem) that are used by the OAM server and that are imported into the .oamkeystore. Three files (three .pem) that are copied to the associated WeGates specific directory location.
OAM Server (.oamkeystore) - aaa_key.der - aaa_cert.der - aaa_chain.pem WebGate (WebGate version specific location) - aaa_key.pem - aaa_cert.pem - aaa_chain.pem
Passwords you will need to know and remember ... aaa_key.pem password - This password is set in section I. Generating a Certificate Request and Private Key and will be needed when reading the key. It is used in this document when converting the aaa_key.pem to DER format.
.oamkeystore - This password is verified in section II. Retrieving the OAM Keystore (.oamkeystore) Password and will be needed when dealing with the .oamkeystore. It is used in this document when importing the trusted certificate chain, aaa_key.der, and the aaa_cert.der.
Alias Password/ PEM keystore Alias Password - This password is set in section III. Importing the Trusted, Signed Certificate Chain Into the OAM Keystore and will be needed when dealing with the alias used for the certs for the oam server that are imported into the .oamkeystore. It is used in this document when running the importcert.jar to import the .der files and adding the certificate details to Access Manager settings.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!