KEMBAR78
Oracle EBS R12.2 TLS Setup Guide | PDF | Transport Layer Security | Apache Http Server
Scribd
Upload
54 views10 pages

Oracle EBS R12.2 TLS Setup Guide

The document details the steps to enable TLS for Oracle E-Business Suite Release 12.2, including creating a new identity wallet, importing certificates, configuring inbound connections, and modifying configuration files. Key steps include creating a certificate request, importing the signed certificate, configuring the wallet, OHS, and OPMN for TLS, and updating settings in Fusion Middleware Control.

Uploaded by

Mohsin Shariff
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
54 views10 pages

Oracle EBS R12.2 TLS Setup Guide

The document details the steps to enable TLS for Oracle E-Business Suite Release 12.2, including creating a new identity wallet, importing certificates, configuring inbound connections, and modifying configuration files. Key steps include creating a certificate request, importing the signed certificate, configuring the wallet, OHS, and OPMN for TLS, and updating settings in Fusion Middleware Control.

Uploaded by

Mohsin Shariff
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 10

https://techgoeasy.

com/enabling-tls-oracle-apps-r12-2/

Enabling TLS in Oracle E-Business Suite Release 12.2 (Doc ID 1367293.1)

10.2 Create a New Identity Wallet (Conditional)

--> We are using "Wildcard Certificate" for TLS Setup.

-->Navigate to the <s_web_ssl_directory>/Apache directory. If it does not exist,


create it.

-->you can get the location of "s_web_ssl_directory" using below command.

[applmgr@clone01 apps]$ cat $CONTEXT_FILE|grep "s_web_ssl_directory"


<web_ssl_directory
oa_var="s_web_ssl_directory">/u01/app/oracle/TEST/apps/fs_ne/inst/TEST_clone01/
certs</web_ssl_directory>

Create the Apcahe Directory.

[applmgr@clone01 certs]$ mkdir Apache

--> Source your application tier environment file and check the status of patch.
--> There should not be an active patching cycle at this point.

[applmgr@clone01 certs]$ adop -status

--> I followd the setup from this thread for creating certificate request
"https://techgoeasy.com/enabling-tls-oracle-apps-r12-2/"

-->Set the below PATH to start configure the wallet.

[applmgr@clone01 Apcahe]$export
PATH=$FMW_HOME/webtier/bin:$FMW_HOME/oracle_common/bin:$PATH

-->Open the Wallet manager as a background process:

[applmgr@clone01 Apcahe]$ owm &

--->Follow the screenshots from "Create Wallet fot TLS.docx" to Create a


Certificate Request.

-->Exit the Wallet Manager.


-->The wallet directory will now contain the following files:

cwallet.sso
ewallet.p12
server.csr

-->Submit the certificate request to a certificate authority

-->Step 5 - Import the Server Certificate to the Wallet

-->Copy the all three certificate to the folder Apache.

ca.crt
Interca.crt
Server.crt
-->Open the Wallet Manager as a background process:

[applmgr@clone01 Apcahe]$owm &

-->Follow the steps from doc "Import TLS Certificates.docx"

--> your certificate status is ready now.

-->If you need to import the CA Certificate you will also need to add the contents
of ca.crt file to b64InternetCertificate.txt file located in the 10.1.2
ORACLE_HOME/sysman/config directory:

[applmgr@clone01 Apcahe]$ cat ca.crt >>


/u01/app/oracle/TEST/apps/fs2/EBSapps/10.1.2/sysman/config/b64InternetCertificate.t
xt

-->If you were also provided an Intermediate Certificate (intca.crt) then you will
also need to add that to the b64InternetCertificate.txt:

[applmgr@clone01 Apcahe]$ cat Interca.crt >>


/u01/app/oracle/TEST/apps/fs2/EBSapps/10.1.2/sysman/config/b64InternetCertificate.t
xt

-->remove the extra data from file.

[applmgr@clone01 Apcahe]$ vi
/u01/app/oracle/TEST/apps/fs2/EBSapps/10.1.2/sysman/config/b64InternetCertificate.t
xt

***5.2 Configure Inbound Connections.

--->Modify the Oracle HTTP Server Wallet

-->Copy the <s_web_ssl_directory>/Apache wallet (cwallet.sso ) to


<s_ohs_instance_loc>/config/OHS/<s_ohs_component>/keystores/default directory
location.

[applmgr@clone01 certs]$ cat $CONTEXT_FILE|grep "s_ohs_instance_loc"


<ohs_instance_loc
oa_var="s_ohs_instance_loc">/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/
instances/EBS_web_OHS1</ohs_instance_loc>

-->This is the actual location move any exisitng file from default folder first.

[applmgr@clone01 default]$ pwd


/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OHS/
EBS_web/keystores/default

[applmgr@clone01 default]$ cp
/u01/app/oracle/TEST/apps/fs_ne/inst/TEST_clone01/certs/Apache/cwallet.sso .

[applmgr@clone01 default]$ ls -lrt


total 8
-rw-------. 1 applmgr oinstall 0 Apr 10 15:53 cwallet.sso.lck
-rw-------. 1 applmgr oinstall 6541 Apr 11 14:17 cwallet.sso
-->Step 7 – Modify the OPMN wallet and configure the cipher suites.

-->Modify the OPMN Wallet

-->The default location for the OPMN wallet is in the


<s_ohs_instance_loc>/config/OPMN/opmn/wallet directory.

-->Move the existing wallet files to a backup directory in case you wish to use
them again in the future.

[applmgr@clone01 wallet]$ pwd


/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OPMN/
opmn/wallet

--Copy the cwallet.sso files from the


<s_ohs_instance_loc>/config/OHS/<s_ohs_component>/keystores/default directory to
the current directory.

[applmgr@clone01 wallet]$ cp
/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OHS/
EBS_web/keystores/default/cwallet.sso .

[applmgr@clone01 wallet]$ ls -lrt


total 8
-rw-------. 1 applmgr oinstall 0 Feb 21 2022 cwallet.sso.lck
-rw-------. 1 applmgr oinstall 6541 Apr 11 14:52 cwallet.sso

-->>Configure Protocol and Cipher Suite for FMW Internal Communication.


-->You must perform this configuration to enforce strong cipher suites on the OPMN
remote port.
-->Ensure all processes are down.
--> Configure Latest TLS with Backward Compatibility

Open the opmn.xml file located under your web tier instance directory
$FMW_HOME/webtier/instances/<s_ohs_instance>/config/OPMN/opmn.
Towards the top of the file, look for the SSL options within the <notification-
server> section.
Change:
<ssl enabled="true"
wallet-file="<path to the wallet file>"/>

to
<ssl enabled="true"
wallet-file="<Path to the Wallet file>" ssl-versions="TLSv1.2"
ssl-ciphers="<Pick the ciphers from the list of valid ciphers below,separated
by a comma>"/>

[applmgr@clone01]$cd
/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OPMN/
opmn

[applmgr@clone01 opmn]$ vi opmn.xml

FROM
<ssl enabled="true"
wallet-file="/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/
EBS_web_OHS1/config/OPMN/opmn/wallet" ssl-versions="TLSv1.0" ssl-
ciphers="SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
TO
<ssl enabled="true"
wallet-file="/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/
EBS_web_OHS1/config/OPMN/opmn/wallet" ssl-versions="TLSv1.0,TLSv1.1,TLSv1.2" ssl-
ciphers="SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA"/>

-->Edit the admin.conf file located under the


$FMW_HOME/webtier/instances/<s_ohs_instance>/config/OHS/<s_ohs_component>
directory.
Change:

[applmgr@clone01 EBS_web]$ pwd


/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OHS/
EBS_web

[applmgr@clone01 EBS_web]$ cp admin.conf admin.conf.orig

[applmgr@clone01 EBS_web]$ vi admin.conf

FROM
SSLCipherSuite SSL_RSA_WITH_AES_128_CBC_SHA:SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSLProtocol nzos_Version_1_0

TO
SSLCipherSuite HIGH:MEDIUM
SSLProtocol nzos_Version_1_0 nzos_Version_1_1 nzos_Version_1_2

--> Modify the Oracle Fusion Middleware Control Console.

-->Move the existing wallet files to a backup directory in case you wish to use
them again in the future.

$EBS_DOMAIN_HOME/opmn/<s_ohs_instance>/<s_ohs_component>/wallet
$EBS_DOMAIN_HOME/opmn/<s_ohs_instance>/wallet
$FMW_HOME/webtier/instances/<s_ohs_instance>/config/OHS/<s_ohs_component>/proxy-
wallet

-->$EBS_DOMAIN_HOME/opmn/<s_ohs_instance>/<s_ohs_component>/wallet

[applmgr@clone01 wallet]$ pwd


/u01/app/oracle/TEST/apps/fs2/FMW_Home/user_projects/domains/EBS_domain/opmn/
EBS_web_OHS1/EBS_web/wallet

[applmgr@clone01 wallet]$ cp
/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OPMN/
opmn/wallet/cwallet.sso .

-->$EBS_DOMAIN_HOME/opmn/<s_ohs_instance>/wallet

[applmgr@clone01 wallet]$ mv cwallet.*


/u01/app/oracle/TEST/apps/fs2/FMW_Home/user_projects/domains/EBS_domain/opmn/
EBS_web_OHS1/BKP/

[applmgr@clone01 wallet]$ pwd


/u01/app/oracle/TEST/apps/fs2/FMW_Home/user_projects/domains/EBS_domain/opmn/
EBS_web_OHS1/wallet

[applmgr@clone01 wallet]$ cp
/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OPMN/
opmn/wallet/cwallet.sso .

[applmgr@clone01 wallet]$ ls -lrt


total 8
-rw-------. 1 applmgr oinstall 6541 Apr 11 15:15 cwallet.sso

-->$FMW_HOME/webtier/instances/<s_ohs_instance>/config/OHS/<s_ohs_component>/proxy-
wallet

[applmgr@clone01 EBS_web]$ mkdir BKP

[applmgr@clone01 EBS_web]$ cd proxy-wallet/

[applmgr@clone01 proxy-wallet]$ ls
cwallet.sso cwallet.sso.lck

[applmgr@clone01 proxy-wallet]$ pwd


/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OHS/
EBS_web/proxy-wallet

[applmgr@clone01 proxy-wallet]$ mv *
/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OHS/
EBS_web/BKP

[applmgr@clone01 proxy-wallet]$ cp
/u01/app/oracle/TEST/apps/fs2/FMW_Home/webtier/instances/EBS_web_OHS1/config/OPMN/
opmn/wallet/cwallet.sso .

[applmgr@clone01 proxy-wallet]$ ls -lrt


-rw-------. 1 applmgr oinstall 6541 Apr 11 15:16 cwallet.sso

--> Update the Context File and Config Files

[applmgr@clone01 scripts]$ adstrtal.sh apps/apps123

http://clone01.sbg.com.sa:7001/em
weblogic/oracle123

-->OHS as the TLS Termination Point


-->Use Oracle Fusion Middleware Control to make some additional configuration file
changes:

Use the adstrtal.sh script in the $ADMIN_SCRIPTS_HOME directory to start all


services.
Log in to Oracle Fusion Middleware Control console (for example,
http://<hostname>.<domain>:<AdminServer Port>/em).
Select web tier target under the EBS_web > right click and navigate below.
Navigate to Administration, then Advanced Configuration.
Select ssl.conf file for edit.
Update the Listen <port> and the VirtualHost _default_:<port> directives to SSL
port, for example Listen 4443.
Update the SSLProtocol and SSLCipherSuite entry to match the following:

-->Check screenshots for navigation :"Oracle Fusion Middleware Control.docx"


# OHS Listen Port
Listen 4443

# Commenting off the default CipherSuite and added strong Cipher Suite as part of
bug 9284427
SSLProtocol TLSv1.2
SSLCipherSuite HIGH:MEDIUM

-->The following command should be run (on all application tier nodes) to propagate
the changes made through the Oracle Fusion Middleware Control console to the
context file variables:

[applmgr@clone01 scripts]$ perl $AD_TOP/bin/adSyncContext.pl


contextfile=$CONTEXT_FILE
Enter the APPS user password:
Enter the WebLogic AdminServer password:
The log file is
/u01/app/oracle/TEST/apps/fs2/inst/apps/TEST_clone01/logs/appl/rgf/
Wed_Apr_12_13_36_02_2023/adSyncContext.log

[applmgr@clone01 scripts]$ vi
/u01/app/oracle/TEST/apps/fs2/inst/apps/TEST_clone01/logs/appl/rgf/
Wed_Apr_12_13_36_02_2023/adSyncContext.log

-->Configure TLS-Related Variables in the Context File.

[applmgr@clone01 scripts]$ vi
/u01/app/oracle/TEST/apps/fs2/inst/apps/TEST_clone01/appl/admin/TEST_clone01.xml

<url_protocol oa_var="s_url_protocol">https</url_protocol>

<local_url_protocol oa_var="s_local_url_protocol">https</local_url_protocol>

<webentryurlprotocol oa_var="s_webentryurlprotocol">https</webentryurlprotocol>

<activewebport oa_var="s_active_webport" oa_type="DUP_PORT" base="8000" step="1"


range="-1" label="Active Web Port">4443</activewebport>

<web_ssl_port oa_var="s_webssl_port" oa_type="PORT" base="4443" step="1" range="-1"


label="Web SSL Port">4443</web_ssl_port>

<httpslistenparameter oa_var="s_https_listen_parameter">4443</httpslistenparameter>

<login_page
oa_var="s_login_page">https://clone01.sbg.com.sa:4443/OA_HTML/AppsLogin</
login_page>

<externURL oa_var="s_external_url">https://clone01.sbg.com.sa:4443</externURL>

Step 4 - Run AutoConfig


Run AutoConfig using the adautocfg.sh script in the application tier
$ADMIN_SCRIPTS_HOME directory.

Step 5 - Restart the Application Tier Services


Use the adstpall.sh/adstrtal.sh script in the $ADMIN_SCRIPTS_HOME directory to stop
and restart all services.
-->Propagate TLS Changes to Patch File Systems
-->The following steps must be performed in order to synchronize the TLS setup
between the two file systems:
-->Edit $APPL_TOP_NE/ad/custom/adop_sync.drv

[applmgr@clone01 EBS_web]$ ls $APPL_TOP_NE/ad/custom/adop_sync.drv


/u01/app/oracle/TEST/apps/fs_ne/EBSapps/appl/ad/custom/adop_sync.drv

--Backup the file.


[applmgr@clone01 EBS_web]$ cp
/u01/app/oracle/TEST/apps/fs_ne/EBSapps/appl/ad/custom/adop_sync.drv
/u01/app/oracle/TEST/apps/fs_ne/EBSapps/appl/ad/custom/adop_sync.drv.orig

[applmgr@clone01 EBS_web]$ vi
/u01/app/oracle/TEST/apps/fs_ne/EBSapps/appl/ad/custom/adop_sync.drv

#TLS SECTION - START


# Required for TLS setup migration from RUN to PATCH file-system.
# Please alter the commands in the event that rsync is not available or the
platform does not support the example syntax.

#10.1.2 b64InternetCertificate.txt
rsync -zr %s_current_base%/EBSapps/10.1.2/sysman/config/b64InternetCertificate.txt
%s_other_base%/EBSapps/10.1.2/sysman/config/b64InternetCertificate.txt

#Oracle HTTP Server Wallet - cwallet.sso


rsync -zr %s_current_base%/FMW_Home/webtier/instances/%s_ohs_instance%/config/OHS/
%s_ohs_component%/keystores/default/cwallet.sso
%s_other_base%/FMW_Home/webtier/instances/%s_ohs_instance%/config/OHS/
%s_ohs_component%/keystores/default/cwallet.sso
#OPMN Wallet – cwallet.sso
rsync -zr %s_current_base%/FMW_Home/webtier/instances/%s_ohs_instance%/config/
OPMN/opmn/wallet/cwallet.sso
%s_other_base%/FMW_Home/webtier/instances/%s_ohs_instance%/config/OPMN/opmn/
wallet/cwallet.sso#Fusion Middleware Control Wallets – cwallet.sso
#Fusion Middleware Control Wallets – cwallet.sso
rsync -zr %s_current_base%/FMW_Home/user_projects/domains/EBS_domain_%s_dbSid%/
opmn/%s_ohs_instance%/%s_ohs_component%/wallet/cwallet.sso
%s_other_base%/FMW_Home/user_projects/domains/EBS_domain_%s_dbSid%/opmn/
%s_ohs_instance%/%s_ohs_component%/wallet/cwallet.sso
rsync -zr %s_current_base%/FMW_Home/user_projects/domains/EBS_domain_%s_dbSid%/
opmn/%s_ohs_instance%/wallet/cwallet.sso
%s_other_base%/FMW_Home/user_projects/domains/EBS_domain_%s_dbSid%/opmn/
%s_ohs_instance%/wallet/cwallet.sso
rsync -zr %s_current_base%/FMW_Home/webtier/instances/%s_ohs_instance%/config/OHS/
%s_ohs_component%/proxy-wallet/cwallet.sso
%s_other_base%/FMW_Home/webtier/instances/%s_ohs_instance%/config/OHS/
%s_ohs_component%/proxy-wallet/cwallet.sso

#End Customization

-->Update the AdminServer and the Managed Server (WLS) Configuration

http://clone01.sbg.com.sa:7001/console/login/LoginForm.jsp
weblogic/oracle123

For all managed servers, append the following JVM parameter to all managed servers:
Log in to Oracle WebLogic Server Administration console (for example,
http://<hostname>.<domain>:<AdminServer Port>/console)
Click on Lock & Edit.
Under Domain Structure > your Oracle E-Business Suite domain > Environment and
Servers, select one of the managed servers. (Note that you will need to repeat this
for all managed servers in your environment.)
Then under the Server Start tab in the Arguments section, add the following:
-DUseSunHttpHandler=true -Dhttps.protocols=TLSv1.2
Click on Save.
Repeat steps 3 and 4 for all remaining managed servers.
For each of the managed servers and the AdminServer, under the SSL tab, click on
Advanced, and set the Hostname Verification to Custom Hostname Verifier and the
Custom Hostname Verifier field to
weblogic.security.utils.SSLWLSWildcardHostnameVerifier. This may or may not already
be set depending on your existing patch level.
Click on Activate Changes.

--> Update the b64InternetCertificate.txt Truststores

[applmgr@clone01 Apache]$ cat ca.crt >>


/u01/app/oracle/TEST/apps/fs2/EBSapps/10.1.2/sysman/config/b64InternetCertificate.t
xt

Delete the extra lines.

[applmgr@clone01 Apache]$ vi
/u01/app/oracle/TEST/apps/fs2/EBSapps/10.1.2/sysman/config/b64InternetCertificate.t
xt

--> Update the cacerts Truststore

Navigate to the $OA_JRE_TOP/lib/security directory

[applmgr@clone01 Apache]$ cd $OA_JRE_TOP/lib/security


[applmgr@clone01 security]$ pwd
/u01/app/oracle/TEST/apps/fs2/EBSapps/comn/util/jdk32/jre/lib/security

[applmgr@clone01 security]$ ls -lrt


total 148
-rwxr-xr-x. 1 applmgr oinstall 2971 Feb 8 2022 local_policy.jar
-rwxr-xr-x. 1 applmgr oinstall 99954 Feb 8 2022 cacerts
-rwxr-xr-x. 1 applmgr oinstall 98 Feb 8 2022 javaws.policy
-rwxr-xr-x. 1 applmgr oinstall 0 Feb 8 2022 trusted.libraries
-rwxr-xr-x. 1 applmgr oinstall 2593 Feb 8 2022 java.policy
-rwxr-xr-x. 1 applmgr oinstall 4054 Feb 8 2022 blacklist
-rwxr-xr-x. 1 applmgr oinstall 158 Feb 8 2022 javafx.policy
-rwxr-xr-x. 1 applmgr oinstall 20474 Feb 8 2022 java.security
-rwxr-xr-x. 1 applmgr oinstall 2487 Feb 8 2022 US_export_policy.jar

Backup the existing cacerts file.

[applmgr@clone01 security]$ cp cacerts cacerts.orig

[applmgr@clone01 security]$ pwd


/u01/app/oracle/TEST/apps/fs2/EBSapps/comn/util/jdk32/jre/lib/security

--Copy your ca.crt and server.crt files to this directory.


[applmgr@clone01 security]$ cp
/u01/app/oracle/TEST/apps/fs_ne/inst/TEST_clone01/certs/Apache/ca.crt .
[applmgr@clone01 security]$ cp
/u01/app/oracle/TEST/apps/fs_ne/inst/TEST_clone01/certs/Apache/Server.crt .
[applmgr@clone01 security]$ cp
/u01/app/oracle/TEST/apps/fs_ne/inst/TEST_clone01/certs/Apache/Interca.crt .

[applmgr@clone01 security]$ chmod u+w cacerts

--Add your Apache ca.crt and server.crt to cacerts


***--Password for keystore changeit ***

[applmgr@clone01 security]$ keytool -import -alias ApacheRootCA -file ca.crt -v -


keystore cacerts
Enter keystore password: changeit
Owner: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Serial number: 33af1e6a711a9a0bb2864b11d09fae5
Valid from: Thu Aug 01 15:00:00 AST 2013 until: Fri Jan 15 15:00:00 AST 2038
Certificate fingerprints:
MD5: E4:A6:8A:C8:54:AC:52:42:46:0A:FD:72:48:1B:2A:44
SHA1: DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4
SHA256:
CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A
:5A:B1:CB:5F
Signature algorithm name: SHA256withRSA
Version: 3

Extensions:

#1: ObjectId: 2.5.29.19 Criticality=true


BasicConstraints:[
CA:true
PathLen:2147483647
]

#2: ObjectId: 2.5.29.15 Criticality=true


KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]

#3: ObjectId: 2.5.29.14 Criticality=false


SubjectKeyIdentifier [
KeyIdentifier [
0000: 4E 22 54 20 18 95 E6 E3 6E E6 0F FA FA B9 12 ED N"T ....n.......
0010: 06 17 8F 39 ...9
]
]

Trust this certificate? [no]: yes


Certificate was added to keystore
[Storing cacerts]

[applmgr@clone01 security]$ keytool -import -alias ApacheIntCA -file Interca.crt -


trustcacerts -v -keystore cacerts
Enter keystore password: changeit
Certificate was added to keystore
[Storing cacerts]

[applmgr@clone01 security]$ keytool -import -alias ApacheServer -file Server.crt -


trustcacerts -v -keystore cacerts
Enter keystore password: changeit
Certificate was added to keystore
[Storing cacerts]

--When you have completed the modifications to the cacerts, reset the permissions

[applmgr@clone01 security]$ chmod u-w cacerts

***Post-Configuration Tasks***

--Restart

Restart everything including the Admin and Managed Servers using the adstpall.sh
and adstrtal.sh scripts. Ensure that everything started up successfully.

[applmgr@clone01 scripts]$ adstpall.sh apps/apps123


[applmgr@clone01 scripts]$ adstrtal.sh apps/apps123

--> Sync Changes to the Context File

[applmgr@clone01 scripts]$ perl $AD_TOP/bin/adSyncContext.pl


contextfile=$CONTEXT_FILE
Enter the APPS user password:
Enter the WebLogic AdminServer password:
The log file is
/u01/app/oracle/TEST/apps/fs2/inst/apps/TEST_clone01/logs/appl/rgf/
Sun_Apr_16_12_16_30_2023/adSyncContext.log

You might also like