OCI: Implement a certificate for ORDS

To implement a certificate on a running DBCS instance running on OCI classic, you need:

  • The combined certificate combined.cer, in pem format
  • The certificate private key privatekey.txt, in pem format

 

Navigate in the ORDS configuration directory

cd /u01/app/oracle/product/ords/conf/ords/standalone

 

Convert the key into a pkcs8 format:

openssl pkcs8 -topk8 -inform pem -outform der -in privatekey.txt -out privatekey_pkcs8.der -nocrypt

 

Now reference the certificate concatenated with the intermediate certificate IN THIS ORDER, and the certificate key in pkcs8 format from the configuration file standalone.properties

#Fri Feb 02 18:30:47 UTC 2017
jetty.port=8080
jetty.secure.port=8181
ssl.cert=/u01/app/oracle/product/ords/conf/ords/standalone/combined.cer
ssl.cert.key=/u01/app/oracle/product/ords/conf/ords/standalone/privatekey_pkcs8.key
ssl.host=<hostname>
standalone.context.path=/ords
standalone.doc.root=/u01/app/oracle/product/ords/conf/ords/standalone/doc_root
standalone.scheme.do.not.prompt=true
standalone.static.context.path=/i
standalone.static.do.not.prompt=true

 

Restart now the ORDS service

sudo /etc/init.d/ords restart
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s