Oracle® Identity Management Integration Guide
10g Release 2 (10.1.2)
B14085-02

4.4 Managing the SSL Certificates of Oracle Internet Directory and Connected Directories

The Oracle directory integration and provisioning server can use SSL to connect to Oracle Internet Directory and connected directories. When using SSL with no authentication to connect to Oracle Internet Directory, no certificate is required. However, when connecting to Oracle Internet Directory using SSL with server authentication, you need a trust point certificate to connect to the LDAP server. The Oracle directory integration and provisioning server expects the certificate to be in a wallet, which is a data structure used to store and manage security credentials for an individual entity. Oracle Wallet Manager is an application that wallet owners and security administrators use to manage and edit the security credentials in their wallets.


See Also:

The chapter on Oracle Wallet Manager in Oracle Advanced Security Administrator's Guide

The location of the wallet and the password to open it are stored in a properties file used by Directory Integration and Provisioning. This file is $ORACLE_HOME/ldap/odi/conf/odi.properties.

A typical odi.properties file has the entries described in Table 4-2. You must update the odi.properties file with values that are appropriate to your deployment.

Table 4-2 Entries in the odi.properties File

Entry Description

RegWalletFile: odi/conf/srvWallet

This entry indicates the location of the registration information of Directory Integration and Provisioning with Oracle Internet Directory. The location of the file is relative to the $ORACLE_HOME/ldap directory.

CertWalletFile: location_of_certificate_wallet

Location of the certificate wallet, that is, the location of the ewallet.p12 file.

CertWalletPwdFile: location_of_certificate_wallet_password_file

Location of the file containing the encrypted wallet password. You must update this password by using the Directory Integration and Provisioning Assistant.

See Also:

The chapter on SSL and the directory in Oracle Internet Directory Administrator's Guide

Oracle Identity Management User Reference


As an example, an odi.properties file can look like this:

RegWalletFile:  /private/myhost/orahome/ldap/odi/conf
CertWalletFile:  /private/myhost/orahome/ldap/dipwallet
CertWalletPwdFile: /private/myhost/orahome/ldap/

In the preceding example, the file locations are absolute path names. In this example, the wallet file ewallet.p12 is located in the directory /private/myhost/orahome/ldap/dipwallet.
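
A check an administrator could run against the entries in Table 4-2, as an added example (not Oracle's code): it parses odi.properties and reports wallet paths that are missing or accessible beyond the owning account. Resolving all three entries against $ORACLE_HOME/ldap, the owner-only permission policy, POSIX file modes, and the function names are assumptions of this example.

```python
import os
import stat

WALLET_KEYS = ("RegWalletFile", "CertWalletFile", "CertWalletPwdFile")

# Constructed sample in the page's "Key: value" form; the paths are placeholders.
SAMPLE = """RegWalletFile: odi/conf/srvWallet
CertWalletFile: /tmp/example/dipwallet
CertWalletPwdFile: /tmp/example/dipwallet/pwdfile
"""

def parse_odi_properties(text):
    """Parse 'Key: value' lines; lines without a colon are ignored."""
    entries = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = line.split(":", 1)
        entries[key.strip()] = value.strip()
    return entries

def audit_wallet_paths(text, ldap_home):
    """Return findings for the wallet entries; ldap_home is $ORACLE_HOME/ldap."""
    entries = parse_odi_properties(text)
    findings = []
    for key in WALLET_KEYS:
        if key not in entries:
            findings.append(f"{key}: entry missing")
            continue
        # Relative values resolve against ldap_home; absolute values are kept.
        path = os.path.join(ldap_home, entries[key])
        targets = [path]
        if key == "CertWalletFile" and os.path.isdir(path):
            # The wallet directory is expected to hold ewallet.p12.
            targets.append(os.path.join(path, "ewallet.p12"))
        for target in targets:
            if not os.path.exists(target):
                findings.append(f"{key}: {target} does not exist")
                continue
            mode = stat.S_IMODE(os.stat(target).st_mode)
            # Assumed policy: only the owning account may access wallet material.
            if mode & (stat.S_IRWXG | stat.S_IRWXO):
                findings.append(f"{key}: {target} is accessible to group/other (mode {mode:03o})")
    return findings

if __name__ == "__main__":
    ldap_home = os.path.join(os.environ.get("ORACLE_HOME", "/tmp/example"), "ldap")
    for finding in audit_wallet_paths(SAMPLE, ldap_home):
        print(finding)
```

To audit a real deployment, pass the contents of $ORACLE_HOME/ldap/odi/conf/odi.properties instead of the sample text.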