Managing secrets to protect sensitive Oracle SSL configuration data
If you plan to use SSL for your Oracle database, create a secret manually to protect the
certificate data for the database.
About this task
Procedure
What to do next
The following values specify the SSL database
configuration:
dc_ssl_enabled: true
For example, for the relevant datasource for your IBM FileNet® Content
Manager deployment, your CR might look
like the following sample snip:
datasource_configuration:
dc_ssl_enabled: true
dc_gcd_datasource:
dc_database_type: "oracle"
dc_oracle_gcd_jdbc_url: "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST={host})(PORT={port}))(CONNECT_DATA=(SERVICE_NAME={dbname})))"
...
database_ssl_secret_name: "ibm-oracle-ssl-secret"
dc_os_datasources:
- dc_database_type: "oracle"
dc_oracle_gcd_jdbc_url: "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST={host})(PORT={port}))(CONNECT_DATA=(SERVICE_NAME={dbname})))"
...
database_ssl_secret_name: "ibm-oracle-ssl-secret"
Important: Make sure
that the Oracle SSL JDBC URL uses the following format:
"jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST={host})(PORT={port}))(CONNECT_DATA=(SERVICE_NAME={dbname})))"
.Also
remember to add the database user name and password to the
ibm-fncm-secret
.