Configuring Sterling B2B Integrator for data traffic encryption with SSL authentication in Oracle

You can enable data traffic encryption and SSL authentication.

This procedure is applicable if you are running Sterling B2B Integrator on a system that requires either Oracle JDK or IBM® JDK.

The example in this procedure uses two-way SSL authentication. It is recommended to follow the instructions in the "CASE #2: USE SSL FOR ENCRYPTION AND SERVER AUTHENTICATION" section of the Oracle documentation.

You can also configure one-way SSL authentication. If you want to use SSL for encryption and for server authentication of both tiers, it is recommended to follow the instructions in the "CASE #3: USE SSL FOR ENCRYPTION AND AUTHENTICATION OF BOTH TIERS" section of the Oracle documentation. For more information about one-way SSL authentication, see SSL With Oracle JDBC Thin Driver.

If your installation of Sterling B2B Integrator is a cluster installation, you need to perform this procedure on each node, starting with node 1.

Important: If you are using Oracle SSL authentication, you cannot install or upgrade Sterling B2B Integrator. You must roll back the SSL configuration to a Standard Oracle database connection before you install or upgrade Sterling B2B Integrator. This includes applying a Fix Pack for Sterling B2B Integrator.

To configure Sterling B2B Integrator for data traffic encryption with SSL authentication in Oracle:

  1. Install Sterling B2B Integrator in TCP (clear) mode.
  2. Stop Sterling B2B Integrator.
  3. Open the /<install_dir>/properties directory.
  4. Open the customer_overrides.properties file and add the following database connection information: 
    jdbcService.oraclePool.prop_javax.net.ssl.trustStore=/…/path/…/ClientKeyStore.jks
jdbcService.oraclePool.prop_javax.net.ssl.trustStoreType=JKS
jdbcService.oraclePool.prop_javax.net.ssl.trustStorePassword=password
jdbcService.oraclePool.prop_oracle.net.ssl_version=3.0
jdbcService.oraclePool.prop_javax.net.ssl.keyStore=/…/path/…/ClientKeyStore.jks
jdbcService.oraclePool.prop_javax.net.ssl.keyStoreType=JKS
jdbcService.oraclePool.prop_javax.net.ssl.keyStorePassword=password
  5. Repeat step 4 for the following Oracle connection pools by changing only the pool name:
    • oraclePool_local
    • oraclePool_NoTrans
    • oracleArchivePool
    • oracleUIPool
    If you have any other database pools, you need to add the properties for those pools.
  6. Open the sandbox.cfg file and change the database connection information to the following value: 
    ORACLE_JDBC_URL= jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=<DB host>)(PORT=<TCPS port as configured in DB config section above>))(CONNECT_DATA=(SERVICE_NAME=<service name>)))
  7. Enter the command ./setupfiles.sh.
  8. Restart Sterling B2B Integrator.
    All the database connections from Sterling B2B Integrator are now connected through TCPS (encrypted) mode.