To implement a certificate on a running DBCS instance running on OCI classic, you need:
- The combined certificate combined.cer, in pem format
- The certificate private key privatekey.txt, in pem format
Navigate in the ORDS configuration directory
cd /u01/app/oracle/product/ords/conf/ords/standalone
Convert the key into a pkcs8 format:
openssl pkcs8 -topk8 -inform pem -outform der -in privatekey.txt -out privatekey_pkcs8.der -nocrypt
Now reference the certificate concatenated with the intermediate certificate IN THIS ORDER, and the certificate key in pkcs8 format from the configuration file standalone.properties
#Fri Feb 02 18:30:47 UTC 2017 jetty.port=8080 jetty.secure.port=8181 ssl.cert=/u01/app/oracle/product/ords/conf/ords/standalone/combined.cer ssl.cert.key=/u01/app/oracle/product/ords/conf/ords/standalone/privatekey_pkcs8.key ssl.host=<hostname> standalone.context.path=/ords standalone.doc.root=/u01/app/oracle/product/ords/conf/ords/standalone/doc_root standalone.scheme.do.not.prompt=true standalone.static.context.path=/i standalone.static.do.not.prompt=true
Restart now the ORDS service
sudo /etc/init.d/ords restart