Skip Headers

Oracle Workflow Administrator's Guide
Release 2.6.3.5

Part Number B12160-02
Previous Next       Contents Index Glossary
         Previous  Next          Contents  Index  Glossary

Step 13 Setting Up for Electronic Signatures

In Oracle Applications, notifications can require that a user's response be signed by a password-based signature or a certificate-based digital signature. Perform the following setup steps to enable users to provide these signatures.

Note: Electronic signatures are currently supported only for the version of Oracle Workflow embedded in Oracle Applications.

See Also

#WF_SIG_POLICY Attribute, Oracle Workflow Developer's Guide

Implementing Password-based Signatures with Single Sign-On

Oracle Workflow supports password-based signatures for notifications based on Oracle Application Object Library (FND) passwords. If you maintain your directory service based on Oracle Application Object Library users and passwords, no additional setup is required. However, if you have implemented single sign-on functionality for your site through Oracle Internet Directory (OID), and you want to use password-based signatures, you must perform the following steps.

For more information, see: Integrating Oracle E-Business Suite Release 11i with Oracle Internet Directory and Oracle Single Sign-On (OracleMetaLink note 261914.1).

Loading Certificates for Digital Signatures

If a notification requires a certificate-based digital signature, the user must sign the response with a valid X.509 certificate issued by a certificate authority. Before users can sign responses with their certificates, you must load these certificates into your Oracle Applications database using the Workflow Certificate Loader.

When you load a certificate, you must also specify the Oracle Applications user to whom that certificate is assigned. Oracle Workflow uses this information to validate that the user attempting to sign with a certain certificate is the same user to whom that certificate is assigned.

A user can have more than one certificate assigned to him or her. However, each certificate can only be assigned to one user. Additionally, after you have loaded a certificate for a user, you cannot delete it from the database or assign it to a different user. If a certificate is incorrectly assigned, the user to whom it belongs must revoke it and obtain a new certificate instead.

You can load several certificates at once by listing the information for all the certificates in a data file for the loader. You can also load a single certificate by specifying the certificate information in the command line for the loader.

Note: If your users access Oracle Applications with Microsoft Internet Explorer, ensure that you also set the Browser Signing DLL Location global preference in the Workflow Configuration page. See: To Set Global Preferences for Oracle Workflow Embedded in Oracle Applications.

arrow icon   To load certificates for digital signatures:

Note: You only need to load the root certificate for a particular certificate authority, and the intermediate certificates for a particular type of certificate, once. If you already loaded the root and intermediate certificates required for a new personal certificate, you can simply load the personal certificate without reloading the others.

user=CA; domain=CA; filename=<certificate_file>; crl_url=<URL>

user=<user_name>; domain=U; filename=<certificate_file>

#Root certificate for certificate authority myCA
user=CA; domain=CA; filename=/certs/myCA.cer; crl_url=http://myCA.com/myCA.crl
#
#Personal certificate for user BLEWIS
user=BLEWIS; domain=U; filename=/certs/blewis.cer

java oracle.apps.fnd.wf.DigitalSignature.loader.CertificateLoader [-v] <user_name> <password> <connect_string> <data_file>

java oracle.apps.fnd.wf.DigitalSignature.loader.CertificateLoader -v apps apps myserv:4105:mySID myCertData.txt

java oracle.apps.fnd.wf.DigitalSignature.loader.CertificateLoader [-v] -s <user_name> <password> <connect_string> user=CA domain=CA filename=<certificate_file> crl_url=<URL>

java oracle.apps.fnd.wf.DigitalSignature.loader.CertificateLoader [-v] -s <user_name> <password> <connect_string> user=<user_name> domain=U filename=<certificate_file>

java oracle.apps.fnd.wf.DigitalSignature.loader.CertificateLoader -s apps apps myserv:4105:mySID user=BLEWIS domain=U filename=/certs/blewis.cer

Note: You can display a help message describing the usage of the Workflow Certificate Loader by specify the -h option with the following command:

java oracle.apps.fnd.wf.DigitalSignature.loader.CertificateLoader -h

Troubleshooting the Workflow Certificate Loader

The following list shows Workflow Certificate Loader error messages and suggested steps to resolve them.


         Previous  Next          Contents  Index  Glossary



Oracle Logo
Copyright © 2003, 2004, Oracle. All rights reserved.