Steps to create SSL for apex

Refer Doc id

How To Configure SSL For Oracle XML DB ( Doc ID 942976.1 )

How to Configure APEX to Use SSL ( Doc ID 740491.1 )

**********************************************************************

Step 1:

A wallet is required to be able to set up an SSL connection.

Ensure the files ewallet.p12 and cwallet.sso exist in the wallet directory.

Ensure these control parameters exist in the sqlnet configuration files (sqlnet.ora and listener.ora):
When setting these control parameters it is advised to make the edits using Oracle Net Manager

WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /ots0/app/oracle/product/11.1.0/network/admin))
)
 
SSL_CLIENT_AUTHENTICATION=FALSE

Verify a secure sqlplus connection succeeds:
 
In the listener.ora open a secure port:
  eg. add address:   (ADDRESS = (PROTOCOL = TCPS)(HOST = nlsu22)(PORT = 1966))
 
In the tnsnames.ora add:
 
v111_s =
(DESCRIPTION =
  (ADDRESS = (PROTOCOL = TCPS) (Host = nlsu22) (Port = 1966) )
  (CONNECT_DATA = (SID = v111) )
)
 
Step 2:
=======

Set dispatcher for TCPS
 
Add the following entry in the database configuration file (init<SID>.ora:):
eg.
dispatchers='(PROTOCOL=TCP)(SERVICE=v111XDB)’,'(PROTOCOL=TCPS)(SERVICE=v111XDB)’
 
and restart the database instance. Alternatively make the change by means of the alter system command:
   
alter system set dispatchers = ‘(INDEX=0)(PROTOCOL=TCPS)(SERVICE=v111XDB)’, ‘(INDEX=1)(PROTOCOL=TCP)(SERVICE=v111XDB)’ scope=both;
 
You can set the dispatcher for TCPS only as well if desired.

Step 3:
=======

Set http2-port and http2-protocol in the XDB configuration:

See Note 942945.1

Check listener status to verify the ports are defined as endpoints.
This should look like:

STATUS of the LISTENER
————————

Listening Endpoints Summary…
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=nlsu22.nl.oracle.com)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=nlsu22.nl.oracle.com)(PORT=8080))(Presentation=HTTP)(Session=RAW))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=nlsu22.nl.oracle.com)(PORT=2100))(Presentation=FTP)(Session=RAW))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=nlsu22.nl.oracle.com)(PORT=1443))(Presentation=HTTP)(Session=RAW))
Services Summary…

Step 4:
======

In case of XDB Configuration

set serveroutput on

DECLARE
  l_cfgxml XMLTYPE;
  l_value VARCHAR2(5) := ‘&secure_port’; — Secure port#
BEGIN
  l_cfgxml := DBMS_XDB.cfg_get();

  IF l_cfgxml.existsNode(‘/xdbconfig/sysconfig/protocolconfig/httpconfig/http2-port’) = 0 THEN
  — Add missing elements.

 SELECT insertChildXML
 (l_cfgxml, ‘/xdbconfig/sysconfig/protocolconfig/httpconfig’, ‘http2-port’,
  XMLType(‘<http2-port xmlns=”http://xmlns.oracle.com/xdb/xdbconfig.xsd”>’ ||
  l_value ||
  ‘</http2-port>’),
  ‘xmlns=”http://xmlns.oracle.com/xdb/xdbconfig.xsd”‘
 )
 INTO l_cfgxml
 FROM dual;

 SELECT insertChildXML
 (l_cfgxml, ‘/xdbconfig/sysconfig/protocolconfig/httpconfig’, ‘http2-protocol’,
  XMLType(‘<http2-protocol xmlns=”http://xmlns.oracle.com/xdb/xdbconfig.xsd”>tcps</http2-protocol>’),
  ‘xmlns=”http://xmlns.oracle.com/xdb/xdbconfig.xsd”‘
 )
 INTO l_cfgxml
 FROM dual;

  DBMS_OUTPUT.put_line(‘http2 port inserted.’);
 ELSE
 — Update existing element.
  SELECT updateXML
  (
  DBMS_XDB.cfg_get(),
  ‘/xdbconfig/sysconfig/protocolconfig/httpconfig/http2-port/text()’,
   l_value,
   ‘xmlns=”http://xmlns.oracle.com/xdb/xdbconfig.xsd”‘
  )
  INTO l_cfgxml
  FROM dual;

 DBMS_OUTPUT.put_line(‘http2 port updated.’);
 DBMS_OUTPUT.put_line(‘Secure port changed into ‘||l_value);
END IF;

  DBMS_XDB.cfg_update(l_cfgxml);
  DBMS_XDB.cfg_refresh;
END;
/

Enter the port for the apex

************************************************************************************************

In 11g set port using below query

call dbms_xdb.setListenerEndPoint(2, null, 1443,2);

In 12c dbms_xdb.setListenerEndPoint is replaced by DBMS_XDB_CONFIG.SETLISTENERENDPOINT

Run this query to see the current secure settings in your XDB configuration:

col “Protocol” for a15
col “Port#” for a10

select extractValue(value(x),’/httpconfig/http2-protocol’, ‘xmlns=”http://xmlns.oracle.com/xdb/xdbconfig.xsd”‘) “Protocol”
,      extractValue(value(x),’/httpconfig/http2-port’, ‘xmlns=”http://xmlns.oracle.com/xdb/xdbconfig.xsd”‘) “Port#”
from   table(xmlsequence(extract(xdburitype(‘/xdbconfig.xml’).getXML(),’/xdbconfig/sysconfig/protocolconfig/httpconfig’))) x
/

  • September 28, 2018 | 27 views
  • Comments