Today I am going to cover overview of SSL & various components of oracle Apps in which you can configure SSL.
If you encounter any Issues or got any doubts w.r.t. Oracle Applications create a Thread in Oracle Apps Forum at http://teachmeoracle.com/forum
What is SSL ?
SSL stands for Secure Socket Layer which is protocol developed by Netscape. Data Transferred between Server & Client is Secured (Encrypted)
Why I need a SSL in Oracle Applications ?
Usually data transmitted between client machine & server (Web Server on http protocol & Forms Server on Sockets ) is clear text packets. Any one can put Packet Sniffer between Client machine & Server & can open & read all data transaction between your machine & Server (If he/she has network access) Hacker can get your Username/Password or any sensitive data. This become critical when you have Internet access to Oracle Applications 11i (Usually Self Service Implementation)
Where I need to configure SSL in Apps ?
Communication between Client & Oracle Applications happen via three components.
—Oracle Web Server (Initial Connection & all self service access is via Web Server/Apache). If your Form Server is in servlet Mode then Core Applications are also accessed via Web Server (Jserv Component)
—Oracle Form Server : For Core Oracle Application Access (Forms)
—Database : You access web server which in turn talks to database Server via UTL_HTTP package via dad (/pls/$SID)
So You enable SSL on particular component depending on your requirement & component which is accessible over Internet & should be secured. You can Implement across all three component or only one or any two.
What is common deployment for Internet Facing Oracle Applications ?
Though you can configure SSL for Web, Forms & database for extra Security but Usually most prone & Internet facing component is Web Server (For Self Service Applications) so common trend is to Enable SSL between Client Machine & Web Server (Apache) in Oracle Applications.
What will happen w.r.t. Data communication after enabling SSL ?
By default you access Applications over HTTP (Hyper Text Transfer Protocol) but after enabling SSL on web server you will access via HTTPS (Secure) . Data will be encrypted at one end & decrypted at other end.
More on
How Data Encryption Happens ….
Is there any performance overheads ….
What is openssl & oracle Wallets …
How to configure SSL in Oracle Apps 11i …
and lot more on SSL coming in Next Post
Those of you who want to raise questions/doubts problems , can now do same via Forum http://teachmeoracle.com/forum (Dedicated to Apps DBA, for Fast Response from some of Best Apps DBA’s). Check others doubts & you can answer them.