Enable SSL With Custom Keystore In CCB Native Install
(Doc ID 2430775.1)
Last updated on FEBRUARY 28, 2020
Applies to:Oracle Utilities Customer Care and Billing - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
CCB - Oracle Utilities Customer Care and Billing
OUAF/FW - Oracle Utilities Framework
SSL - Secure Sockets Layer
RSA - public-key encryption technology
HMAC - Hash-Based Message Authentication Code
HTTPS - HyperText Transfer Protocol Secure
On CCB v18.104.22.168.0, SE - Security
Enable SSL with custom keystore in CCB native install
User going to enable CA and self signed certificates, user also need our own keystore (separate identity and trust).user have a native install. However, user have many questions for which user do not have clarity. Note user already referred these note IDs: 2014161.1, 2011477.1, 2232875.1, 2066729.1, 2256322.1, 2098297.1, 2385318.1
a) Since user have a native install, user know how to configure SSL at the weblogic layer, however, since user hashes are stored in the DB and our new identity keystore will not have it, what steps do user need to perform to synchronize users, please provide high level steps.
b) user also need to enable SSL for batch server, what steps do user need to perform to ensure batch server is referring to our custom trust store
c) Since our old demo keystore had many users hashes, how can user import that information to our new keystore and synchronize
d) Next, when user check our current install, user have these values for OUAF trust options, however user need RSA as our key algorithm and key size 2048, what about HMAC alias, padding and mode for this? what values should we change when we use RSA?
OUAF TrustStore Options
Import TrustStore Directory: /<path>/ks
Store Type: JCEKS
Alias Key Algorithm: AES
Alias Key Size: 128
HMAC Alias: ouafccb.ks.hmac
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document