http://host:port/service/someService
Now our requirement is how to secure this link that is call the service using https so the new request should appear like
https://host:port/service/someService
Again i would like you all to go through this link to get some idea on key and certificate.
http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html
BAsed on this note i will generate a key
OPen a command window and navigate till jdk/bin directory and issue a command
keytool -genkey -alias arpit -server -dname "CN=Arpit, OU=Integration O=Oracle L=Bangalore, S=Karnataka, C=IN" -keyalg RSA -keypass welcome1 -storepass welcome1 -keystore arpit.keystore
It should be like
Once you will execute this command you will find a key with name arpit.keystore getting created in the same folder where you have executed it.
You can copy the arpit.keystore into the $ORACLE_HOME/j2ee/home/config
Nnow again
1. Copy default-web-site.xml to secure-web-site.xml
2. Edit the secure-web-site.xml:
2.1. Change the web-site tag by changing the port to 4443 and adding the element secure="true"
2.1. Add the ssl-config element and point this to the new created keystore.
The file looks like:
<web-site xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/web-site-10_0.xsd"
port="4443"
secure="true"
display-name="OC4J 10g (10.1.3) Default Web Site"
schema-major-version="10"
schema-minor-version="0" >
...
<ssl-config keystore="Path/server.keystore" keystore-password="welcome" />
...
</web-site>
3. Import the new Web site in your OC4J instance by editing the $ORACLE_HOME/j2ee/home/server.xml file. You need to add or replace the web-site tag. In
...
<web-site default="true" path="./default-web-site.xml" />
<web-site path="./secure-web-site.xml" />
...
Since we have copied the file from the default-web-site, all applications are available using HTTP and HTTPS
Now Start OC4J and test the HTTPS port.
It should work.This is for standalone container
No comments:
Post a Comment