Configuring SSL in Oracle
You can configure SSL with the Oracle database so that the connection between Sterling B2B Integrator and the database is established during installation and runtime.
The SSL feature provides a secure communication channel between Sterling B2B Integrator and Oracle.
Installing
You can enable the SSL option through IBM Installation Manager using the GUI or a silent response file.
Installing using GUI
Perform the following steps:
- From Database Vendor Selection in the left navigation pane, select
Oracle from Database Vendor.
A new option, Use SSL appears on the screen.
- Select the Use SSL option.
- Specify the following fields:
Field Name Description Truststore File Mandatory. File path of the truststore for SSL connection. Truststore Password Mandatory. Password for the truststore key. Keystore File File path of the keystore. Optional. Required only for two-way SSL connection. The JKS keystore type is supported. Keystore Password Password for the keystore file. Optional. Required only for two-way SSL connection. TLS Version Mandatory. TLS version to be used for the connection. The default value is 1.2. Optional. - Click Next to continue the installation.
A secure connection is established between Sterling B2B Integrator and the Oracle database.
Installing using silent file
Add the following parameters to the response file:
Parameter | Value | SSL |
---|---|---|
user.sb.useSSL |
Indicates whether SSL with the Oracle database is turned on or off. The values used are True or False. | Required |
user.sb.trustStore |
Path of the truststore file in the file system | Required |
user.sb.trustStorePassword |
Password of the truststore key in plain text format | Required |
user.sb.keyStore |
Path of the keystore file in the file system | Optional |
user.sb.keyStorePassword |
Password of the keystore key in plain text format | Optional |
user.sb.tls_version |
TLS protocol version value. The default value is 1.2. | Optional |
Upgrading
You can upgrade with the SSL option through IBM Installation Manager using the GUI or a silent
response file.
Note: A one-time change is required which needs to be done prior to the
upgrade.
In place upgrade
There are 2 scenarios for upgrade -
- Upgrade to a new version with the first time SSL setup
- Upgrade to a new version that already has SSL connectivity
For both the upgrade scenarios, you need to enable the following properties (SSL parameters) in
the
sandbox.cfg
file.- useSSL
- trustStore
- trustStorePassword
- keyStore
- keyStorePassword
Follow these steps to upgrade:
- Hardstop the server.
- Add the SSL entries in the
sandbox.cfg
file. - Run
setupfiles.sh
for Linux or Unix.OR
Run
setup.cmd
for Windows. - Perform the upgrade.
- Restart the server.
Upgrade to a new directory
There are 2 scenarios for upgrade:
- Upgrade to a new version with the first time SSL setup
- Upgrade to a new version that already has SSL connectivity
In both the cases, you need to enable the SSL parameters either from the GUI or the silent file and perform the same steps as in place upgrade.