How To
Summary
In Content Platform Engine 5.5.7 a new feature was introduced to allow the use of SSL-enabled Oracle databases. When defining a data source for the SSL-enabled Oracle object store or global configuration database (GCD), four options are provided for storing the keys. One of the options, using a jks keystore that is not created as part of an Oracle wallet does not function correctly.
Objective
Environment
Additional Information
A new feature is introduced in Content Platform Engine 5.5.7 to allow the use of SSL-enabled Oracle databases. When defining a data source for the SSL-enabled Oracle object store or global configuration database (GCD), four options are provided for storing the keys:
- Oracle wallet (type is pkcs12) created using the command: orapki wallet create
- Keystore created as type jks,but then converted to an Oracle wallet (type pkcs12) using the command: orapki wallet jks_to_pkcs12
- Keystore that is not an Oracle wallet, created as type pkcs12 using a tool like <JAVA_HOME>/bin/keytool
- Keystore that is not an Oracle wallet, created as type jks using a tool like <JAVA_HOME>/bin/keytool
The fourth option--keystore that is not an Oracle wallet, created as type jks using a tool like <JAVA_HOME>/bin/keytool--does not work because the following information must be provided to establish the connection and the Configuration Manager (CMUI and the command line) does not support adding these values.
- Location (path to the keystore *.jks file)
- Type (jks)
- Password
If you want to use an SSL-enabled Oracle database, use one of the other listed options.
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
31 August 2021
UID
ibm16479643