My Oracle Support Banner

Enable SSL With Custom Keystore In CCB Native Install (Doc ID 2430775.1)

Last updated on AUGUST 03, 2018

Applies to:

Oracle Utilities Customer Care and Billing - Version 2.5.0.2.0 and later
Information in this document applies to any platform.

Goal

On : 2.5.0.2.0 version, SE - Security

Enable SSL with custom keystore in CCB native install

User going to enable CA and self signed certificates, user also need our own keystore(separate identity and trust).user have a native install. However, user have many questions for which user do not have clarity. Note user already referred these note IDs: 2014161.1, 2011477.1, 2232875.1, 2066729.1, 2256322.1, 2098297.1, 2385318.1

a) Since user have a native install, user know how to configure SSL at the weblogic layer, however, since user hashes are stored in the DB and our new identity keystore will not have it, what steps do user need to perform to synchronize users, please provide high level steps.
b) user also need to enable SSL for batch server, what steps do user need to perform to ensure batch server is referring to our custom trust store
c) Since our old demo keystore had many users hashes, how can user import that information to our new keystore and synchronize
d) Next, when user check our current install, user have these values for OUAF trust options, however user need RSA as our key algorithm and key size 2048, what about HMAC alias, padding and mode for this? what values should we change when we use RSA?

OUAF TrustStore Options
  Import TrustStore Directory: /u01/app/oracle/ccb/ouafccb/CCBUAT/ks
  Store Type: JCEKS
  Alias: ouafccb.ks
  Alias Key Algorithm: AES
  Alias Key Size: 128
  HMAC Alias: ouafccb.ks.hmac
  Padding: PKCS5Padding
  Mode: CBC

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.