Configuring Sterling B2B Integrator for data traffic encryption with SSL authentication in Oracle
You can enable data traffic encryption and SSL authentication.
This procedure is applicable if you are running Sterling B2B Integrator on a system that requires either Oracle JDK or IBM® JDK.
The example in this procedure uses two-way SSL authentication. It is recommended to follow the instructions in the "CASE #2: USE SSL FOR ENCRYPTION AND SERVER AUTHENTICATION" section of the Oracle documentation.
You can also configure one-way SSL authentication. If you want to use SSL for encryption and for server authentication of both tiers, it is recommended to follow the instructions in the "CASE #3: USE SSL FOR ENCRYPTION AND AUTHENTICATION OF BOTH TIERS" section of the Oracle documentation. For more information about one-way SSL authentication, see SSL With Oracle JDBC Thin Driver.
If your installation of Sterling B2B Integrator is a cluster installation, you need to perform this procedure on each node, starting with node 1.
To configure Sterling B2B Integrator for data traffic encryption with SSL authentication in Oracle:
- Install Sterling B2B Integrator in TCP (clear) mode.
- Stop Sterling B2B Integrator.
- Open the /<install_dir>/properties directory.
- Open the customer_overrides.properties file and add the following
database connection information:
jdbcService.oraclePool.prop_javax.net.ssl.trustStore=/…/path/…/ClientKeyStore.jks jdbcService.oraclePool.prop_javax.net.ssl.trustStoreType=JKS jdbcService.oraclePool.prop_javax.net.ssl.trustStorePassword=password jdbcService.oraclePool.prop_oracle.net.ssl_version=3.0 jdbcService.oraclePool.prop_javax.net.ssl.keyStore=/…/path/…/ClientKeyStore.jks jdbcService.oraclePool.prop_javax.net.ssl.keyStoreType=JKS jdbcService.oraclePool.prop_javax.net.ssl.keyStorePassword=password
- Repeat step 4 for the following Oracle connection pools by changing only the pool
If you have any other database pools, you need to add the properties for those pools.
- Open the sandbox.cfg file and change the database connection
information to the following value:
ORACLE_JDBC_URL= jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=<DB host>)(PORT=<TCPS port as configured in DB config section above>))(CONNECT_DATA=(SERVICE_NAME=<service name>)))
- Enter the command ./setupfiles.sh.
Restart Sterling B2B Integrator.
All the database connections from Sterling B2B Integrator are now connected through TCPS (encrypted) mode.