Configure Sterling B2B Integrator for Data Traffic Encryption in Oracle with SSL Authentication (Windows)

Use this procedure to enable encryption and SSL authentication. This procedure is applicable if you are running Sterling B2B Integrator on a platform that requires either Sun JDK or IBM JDK.

The example in this procedure uses 2-way SSL authentication. If you want to use SSL for encryption and for server authentication, it is recommended to follow the instructions in the Oracle CASE #2: USE SSL FOR ENCRYPTION AND SERVER AUTHENTICATION section of the Oracle documentation.

You can also configure 1-way SSL authentication. If you want to use SSL for encryption and for server authentication of both tiers, it is recommended to follow the instructions in the Oracle CASE #3: USE SSL FOR ENCRYPTION AND AUTHENTICATION OF BOTH TIERS section of the Oracle documentation, depending on how you intend to configure client and/or server authentication. For more information about 1-way SSL authentication, refer to Oracle documentation, which can be accessed from SSL With Oracle JDBC Thin Driver.

If your Sterling B2B Integrator is a cluster installation, you will need to perform this procedure on each node, starting with node 1.

  1. Install Sterling B2B Integrator in TCP (clear) mode.
  2. Stop Sterling B2B Integrator.
  3. Navigate to \install_dir\install\properties using one of the following methods:
    • For Windows Server 2003 or earlier: Open a command prompt window (from the Run dialog box).
    • For Windows Server 2008 or later, complete the following steps:
      • Click Start.
      • Right-click Command Prompt and select Run as administrator.

        The Administrator: Command Prompt dialog box is displayed.

  4. Open the customer_overrides.properties file and add additional database connection information:
    jdbcService.oraclePool.prop_javax.net.ssl.trustStore=/…/path/…/ClientKeyStore.jks
    jdbcService.oraclePool.prop_javax.net.ssl.trustStoreType=JKS
    jdbcService.oraclePool.prop_javax.net.ssl.trustStorePassword=password
    jdbcService.oraclePool.prop_oracle.net.ssl_version=3.0
    jdbcService.oraclePool.prop_javax.net.ssl.keyStore=/…/path/…/ClientKeyStore.jks
    jdbcService.oraclePool.prop_javax.net.ssl.keyStoreType=JKS
    jdbcService.oraclePool.prop_javax.net.ssl.keyStorePassword=password
  5. Repeat step 4 for the following Oracle connection pools by changing only the poolname:
    • oraclePool_local
    • oraclePool_NoTrans
    • oracleArchivePool
    • oracleUIPool
    If you have any other database pools, you will need to add the properties for those pools.
  6. Open the sandbox.cfg file and change the database connection information to:
    ORACLE_JDBC_URL=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=<DB host>)(PORT=<TCPS port as configured in DB config section above>))(CONNECT_DATA=(SERVICE_NAME=<service name>)))
  7. Navigate to \install_dir\install\activemq\conf using one of the following methods:
    • For Windows Server 2003 or earlier: Open a command prompt window (from the Run dialog box).
    • For Windows Server 2008 or later, complete the following steps:
      • Click Start.
      • Right-click Command Prompt and select Run as administrator.

        The Administrator: Command Prompt dialog box is displayed.

  8. Open the activemqconfig.xml.in file and modify the database connection information:
    • Remove or comment out the following default ActiveMQ database configuration information:
      
      #:ifdef ORACLE
      <bean id="gis-ds" class="org.apache.commons.dbcp.BasicDataSource" 
      		destroy-method="close" singleton="true" lazy-init="default"
        autowire="default" 
      		dependency-check="default" SCIOverrideName="persistence-bean">
      <property name="driverClassName">
      <value>oracle.jdbc.driver.OracleDriver</value>
      </property>
      <property name="url">
      #:ifdef ORACLE_JDBC_URL
      <value>&ORACLE_JDBC_URL;</value>
      #:else
      <value>jdbc:oracle:thin:@&ORA_HOST;:&ORA_PORT;:&ORA_DATA;</value>
      #:endif
      </property>
      <property name="username">
      <value>&ORA_USER;</value>
      </property>
      <property name="password"><value>&ORA_PASS;</value>
      </property>
      <property name="maxActive"><value>32</value>
      </property>
      </bean>
      #:endif
       
    • Add the following ActiveMQ database configuration information:
      
      <bean id="gis-ds"
      class="oracle.jdbc.pool.OracleDataSource" destroy-method="close"
      singleton="true" lazy-init="default" autowire="default"
      dependency-check="default">
      <property name="URL"><value>&ORACLE_JDBC_URL;</value></property>
      <property name="user"><value>&ORA_USER;</value></property>
      <property name="password"><value>&ORA_PASS;</value></property>
      <property name="connectionProperties"><value>
      javax.net.ssl.trustStore: /…/path/…/ClientKeyStore.jks
      javax.net.ssl.trustStoreType:JKS
      javax.net.ssl.trustStorePassword:password
      oracle.net.ssl_version:3.0
      javax.net.ssl.keyStore: /…/path/…/ClientKeyStore.jks
      javax.net.ssl.keyStoreType:JKS
      javax.net.ssl.keyStorePassword: password
      driverClassName:oracle.jdbc.driver.OracleDriver
      maxActive:32
      </value>
      </property>
      </bean>
      
  9. Navigate to \install_dir\install\bin using one of the following methods:
    • For Windows Server 2003 or earlier: Open a command prompt window (from the Run dialog box).
    • For Windows Server 2008 or later, complete the following steps:
      • Click Start.
      • Right-click Command Prompt and select Run as administrator.

        The Administrator: Command Prompt dialog box is displayed.

  10. Enter StartWindowsService.cmd.
  11. Restart Sterling B2B Integrator.
    All the database connections from Sterling B2B Integrator are now connected through TCPS (encrypted) mode.
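
The following check is an added example, not part of the IBM procedure or product. It verifies that the seven SSL properties from step 4 are present, non-empty and identical for every pool named in steps 4 and 5, and that the sandbox.cfg URL from step 6 uses PROTOCOL=tcps. The keystore path, password, host, port and service name in the sample are constructed values, and the function names are hypothetical.

```python
import re

POOLS = ["oraclePool", "oraclePool_local", "oraclePool_NoTrans",
         "oracleArchivePool", "oracleUIPool"]
SSL_PROPS = ["javax.net.ssl.trustStore", "javax.net.ssl.trustStoreType",
             "javax.net.ssl.trustStorePassword", "oracle.net.ssl_version",
             "javax.net.ssl.keyStore", "javax.net.ssl.keyStoreType",
             "javax.net.ssl.keyStorePassword"]

def parse_properties(text):
    """Parse key=value lines, skipping blanks and #/! comment lines."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def check_overrides(text, pools=POOLS):
    """Return findings for pools whose SSL properties are absent, empty, or
    different from the first pool (step 5: change only the pool name)."""
    props, findings = parse_properties(text), []
    for pool in pools:
        for name in SSL_PROPS:
            value = props.get(f"jdbcService.{pool}.prop_{name}")
            reference = props.get(f"jdbcService.{pools[0]}.prop_{name}")
            if not value:
                findings.append(f"{pool}: {name} missing or empty")
            elif value != reference:
                findings.append(f"{pool}: {name} differs from {pools[0]}")
    return findings

def uses_tcps(sandbox_text):
    """True only if ORACLE_JDBC_URL is set and its ADDRESS uses PROTOCOL=tcps."""
    url = parse_properties(sandbox_text).get("ORACLE_JDBC_URL", "")
    return re.search(r"\(\s*PROTOCOL\s*=\s*tcps\s*\)", url, re.I) is not None

def render_pool(pool, store="C:/constructed/ClientKeyStore.jks", secret="changeit"):
    """Build one pool's seven lines (constructed sample values, not from the page)."""
    values = [store, "JKS", secret, "3.0", store, "JKS", secret]
    return "\n".join(f"jdbcService.{pool}.prop_{n}={v}" for n, v in zip(SSL_PROPS, values))

if __name__ == "__main__":
    # Constructed sample: oracleUIPool was never added to the overrides file.
    sample = "\n".join(render_pool(p) for p in POOLS[:-1])
    for finding in check_overrides(sample):
        print(finding)
    print(uses_tcps("ORACLE_JDBC_URL=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS="
                    "(PROTOCOL=tcps)(HOST=db.example.test)(PORT=2484))"
                    "(CONNECT_DATA=(SERVICE_NAME=orcl)))"))
```

A value that has wrapped onto the line after its key parses as empty and is reported as missing or empty.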