{"id":180,"date":"2007-10-04T14:32:38","date_gmt":"2007-10-04T18:32:38","guid":{"rendered":"http:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/"},"modified":"2009-09-28T02:14:00","modified_gmt":"2009-09-28T06:14:00","slug":"oracle-apps-11i-r12-and-ssl","status":"publish","type":"post","link":"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/","title":{"rendered":"SSL in Oracle Apps 11i \/ R12"},"content":{"rendered":"<p>In order to Understand SSL in Oracle Applications 11i &amp;\u00a0R12 lets first understand\u00a0<\/p>\n<p><strong>Components in Apps which can listen for SSL Requests<\/strong><br \/>\n&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;<br \/>\n1. <strong>Load balancer<\/strong> (if you have one between clients and oracle apps)<br \/>\n2. <strong>Web Server <\/strong>(11i web server built on Oracle Apache)<br \/>\n3. <strong>Form Server<\/strong>(If forms are configured for Forms Listener default method in 11i. In Servlet mode request to are fulfilled by Web Server and you don&#8217;t run form server) &#8211; To check more on this check my post <a target=\"_blank\" href=\"https:\/\/onlineappsdba.com\/index.php\/2007\/06\/28\/oracle-apps-r12-forms-servlet-or-socket\/\">Forms Listener &amp; Forms Servlet Listener<\/a><br \/>\n4. <strong>OC4J<\/strong> Oracle Container for Java (only in R12 and not in 11i)<br \/>\n5. <strong>Database<\/strong><\/p>\n<p><strong>So you can configure SSL in Oracle Applications as<\/strong><br \/>\n&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<br \/>\n1. From Client (browser) to Load balancer\u00a0as <strong>SSL<\/strong>;\u00a0 from LB\u00a0to all other apps component <strong>Non SSL<\/strong> <font color=\"#ff0000\">(For this Load balancer should have SSL acceleration capability. Load balancer will decrypt client requests coming as SSL and forward them to web server as Non SSL and receive Non SSL response from web server, encrypt them and forward back to users as SSL)<\/font> &#8211; Web Server, Forms &amp; database all run in Non SSL<\/p>\n<p>If you don&#8217;t have Load Balancer (or with SSL acceleration) then<\/p>\n<p>2. From Client (browser) till Web Server <strong>SSL<\/strong> and from\u00a0Web to\u00a0other component\u00a0as <strong>Non SSL<\/strong> (forms, database..) &#8211; Web Server should be configured for HTTPS<\/p>\n<p>3. To Web Server and Forms from these to database as Non SSL (Forms and Web Server should be configured for HTTP)<\/p>\n<p>4. All the way till database on SSL (Web Server, Forms &amp; Database all should be configured for SSL)<\/p>\n<p><strong>Option 1<\/strong> i.e. <strong>Configure SSL for Apps where SSL is terminating at Load Balancer<\/strong>(BigIP or F5 SSL accelerator)<br \/>\n&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<br \/>\nThis configuration is based on following assumption<\/p>\n<p>1. Connection from Browser to Load Balancer is SSL (HTTP) i.e. Load balancer is configured to listen on SSL Port<br \/>\n2. Connection from Load Balancer to server is non SSL (HTTPS) i.e. Apps Web Server is listening on Non SSL Port<br \/>\n3. Conversion of SSL to Non SSL (requests coming from user to Server) and Non SSL to SSL (requests serve by web-server and returned to user) is done by load balancer (SSL accelerator). Example of such SSL accelerator is F5 or Big IP<br \/>\n4. Load Balancer (also acting as SSL Accelerator) is doing port translation. To understand\u00a0<strong>port translation;<\/strong>\u00a0better think as if\u00a0Load Balancer is listening on port 443 (SSL Port) where as web server is listening on Non SSL port like 8000. Load balancer will route all requests coming from user on port 443 to server listening on 8000 (translating port on 8000).<\/p>\n<p><strong>Configuration<\/strong><br \/>\nIn Context File (at $APPL_TOP\/admin\/$CONTEXT_NAME.xml) Change following parameter :<\/p>\n<p>1. <strong>s_webentryhost<\/strong>\u00a0 to load balancer name<br \/>\n2. <strong>s_webentrydomain<\/strong>to load balancer domain-name<br \/>\n3. <strong>s_active_webport<\/strong>to load balancer port<br \/>\n4. <strong>s_webentryurlprotocol<\/strong>\u00a0 to load balancer protocol https or http<br \/>\n5. <strong>s_login_page<\/strong>\u00a0 to\u00a0$s_webentryurlprotocol:\/\/$s_webentryhost.$s_webentrydomain:$s_activewebport\/oa_servlets\/AppsLogin<\/p>\n<p>Other similar parameter in context file which you <strong>don&#8217;t<\/strong> change<\/p>\n<p><strong>s_webhost<\/strong> : Actual Host Name of Server on which 11i is installed<br \/>\n<strong>s_webdomain<\/strong>: Actual Domain-name of Server on which 11i is installed<br \/>\n<strong>s_webport<\/strong> : actual port on which HTTP Server for 11i is listening<\/p>\n<p><strong>Things to\u00a0consider while doing SSL<br \/>\n<\/strong>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<br \/>\n1. If you are using dummy or self signed certificates, Your forms will not open\u00a0via Jinitiator\u00a0and you will hit error message like &#8220;<strong>load class oracle\/apps\/fnd\/formsClient\/FormsLauncher.class not found<\/strong>&#8221; This is because under Jinitiator&#8217;s repository for list\u00a0of valid CA&#8217;s (Certifying Authority) at <font color=\"#ff0000\">$install_location_of_jinitiator_on_client_pc\\ lib\\ security\\ certdb<\/font><em> <\/em>Dummy CA is not listed<\/p>\n<p>Fix: Include Dummy Non Standard Certifying Authority&#8217;s certificates at <font color=\"#ff0000\">$install_location_of_jinitiator_on_client_pc\\ lib\\ security\\ certdb<\/font> (on client machine)<br \/>\n\u00a0\u00a0<br \/>\n\u00a0 <u>How to add CA&#8217;s certificate in Jinitiator at Client Machine &amp; how to get test certificates coming soon..<\/u><\/p>\n<p>2. If you are terminating SSL at Load balancer and domain name of load balancer is different from domain name on server then login to OAM may fail because of different cookie domain values. Check &#8220;<strong>session.topleveldomain<\/strong>&#8221; in zone.properties<\/p>\n<p><strong>What is different w.r.t. SSL in 11i &amp; R12<br \/>\n<\/strong>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;<br \/>\nIn 11i Web server certificates (public key &amp; private key) are stored as text file on Server where as on R12 certificates for Web Server are stored in Wallets (Oracle Wallets &#8211; OWM)\u00a0<\/p>\n<p>P.S. Forms &amp; Database\u00a0certificates in both 11i &amp; R12 are stored in Wallets (Oracle Wallet Manager)<\/p>\n<p><strong><u><\/u><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In order to Understand SSL in Oracle Applications 11i &amp;\u00a0R12 lets first understand\u00a0 Components in Apps which can listen for [&hellip;]<\/p>\n","protected":false},"author":115,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[39],"tags":[5,9,464,81],"class_list":["post-180","post","type-post","status-publish","format-standard","hentry","category-ssl","tag-11i","tag-apps","tag-ssl","tag-wallets"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SSL in Oracle Apps 11i \/ R12 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SSL in Oracle Apps 11i \/ R12 -\" \/>\n<meta property=\"og:description\" content=\"In order to Understand SSL in Oracle Applications 11i &amp;\u00a0R12 lets first understand\u00a0 Components in Apps which can listen for [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/\" \/>\n<meta property=\"article:published_time\" content=\"2007-10-04T18:32:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2009-09-28T06:14:00+00:00\" \/>\n<meta name=\"author\" content=\"Masroof Ahmad\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Masroof Ahmad\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/\",\"url\":\"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/\",\"name\":\"SSL in Oracle Apps 11i \/ R12 -\",\"isPartOf\":{\"@id\":\"https:\/\/onlineappsdba.com\/#website\"},\"datePublished\":\"2007-10-04T18:32:38+00:00\",\"dateModified\":\"2009-09-28T06:14:00+00:00\",\"author\":{\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\"},\"breadcrumb\":{\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/onlineappsdba.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SSL in Oracle Apps 11i \/ R12\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/onlineappsdba.com\/#website\",\"url\":\"https:\/\/onlineappsdba.com\/\",\"name\":\"\",\"description\":\"Oracle Implementation &amp; Training Experts\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/onlineappsdba.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\",\"name\":\"Masroof Ahmad\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"caption\":\"Masroof Ahmad\"},\"url\":\"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SSL in Oracle Apps 11i \/ R12 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/","og_locale":"en_US","og_type":"article","og_title":"SSL in Oracle Apps 11i \/ R12 -","og_description":"In order to Understand SSL in Oracle Applications 11i &amp;\u00a0R12 lets first understand\u00a0 Components in Apps which can listen for [&hellip;]","og_url":"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/","article_published_time":"2007-10-04T18:32:38+00:00","article_modified_time":"2009-09-28T06:14:00+00:00","author":"Masroof Ahmad","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Masroof Ahmad","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/","url":"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/","name":"SSL in Oracle Apps 11i \/ R12 -","isPartOf":{"@id":"https:\/\/onlineappsdba.com\/#website"},"datePublished":"2007-10-04T18:32:38+00:00","dateModified":"2009-09-28T06:14:00+00:00","author":{"@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb"},"breadcrumb":{"@id":"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/onlineappsdba.com\/index.php\/2007\/10\/04\/oracle-apps-11i-r12-and-ssl\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/onlineappsdba.com\/"},{"@type":"ListItem","position":2,"name":"SSL in Oracle Apps 11i \/ R12"}]},{"@type":"WebSite","@id":"https:\/\/onlineappsdba.com\/#website","url":"https:\/\/onlineappsdba.com\/","name":"","description":"Oracle Implementation &amp; Training Experts","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/onlineappsdba.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb","name":"Masroof Ahmad","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","caption":"Masroof Ahmad"},"url":"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/"}]}},"_links":{"self":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/180","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/users\/115"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/comments?post=180"}],"version-history":[{"count":0,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/180\/revisions"}],"wp:attachment":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/media?parent=180"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/categories?post=180"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/tags?post=180"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}