Secure access to Oracle databases by enabling Secure Sockets
Layer (SSL) communication between Process Federation Server and
the database server.
Before you begin
Ensure that the following conditions are met:
- SSL is enabled for Process Federation Server.
- SSL is enabled for the Oracle server and an SSL certificate is
available.
Procedure
- Import the Oracle database server SSL certificate into
the Process Federation Server truststore.
On
Process Federation Server,
run the following command:
keytool -import -keystore path_to_keystore
-storepass your_password -keypass your_password
-alias custom_alias -file certificate.crt
Enter keystore password:
Owner: OU=Org_Unit, O=Org, C=Country
Issuer: OU=Org_Unit, O=Org, C=Country
...
Trust this certificate? [no]: yes
Certificate was added to keystore
- Verify that the certificate is available on the server
by running the following command:
keytool -list -v -keystore path_to_keystore; -storepass keystore_password
- Enable SSL communication between Process Federation Server and
the Oracle database server by adding the Oracle SSL port number that
is specified in the properties.oracle file for
the Oracle JDBC driver to the server.xml file:
- Open the server.xml configuration file for
editing.
By default, the configuration file is in the
pfs_install_root/usr/servers/server_name directory on
Process Federation Server.
- Update the portNumber property
in the
dataSource element for the Oracle JDBC driver
to point to the Oracle SSL port. The following code
snippet is an example of a configured
portNumber property
for an Oracle JDBC driver:
<dataSource
...
...
<properties.oracle serverName="localhost" databaseName="BPMDB"
user="oracle_admin" password="password"
portNumber="Oracle_SSL_port" serviceName="service_name"
</properties.oracle>
</dataSource>
Results
SSL communication between Process Federation Server and
the Oracle database server is enabled.
This topic only applies to BAW, and is located in the BAW repository. Last updated on 2025-03-13 12:15