Installing a SSL Web Server Certificate on an Oracle Web Application Server

1. Delete ALL text from this file that appears before -----BEGIN CERTIFICATE. Your document should contain only certificate information within this e-mail. After you delete extra text, save this file inside your temporary directory as TEXT and filename "mycert.der".

2. To configure OAS 4.0.8 listener with your SSL files, go to OAS 4.0.8 Node Manager page (Usually on port 8888). Click on "OAS Manager".

3. Wait for the Java Applet menu to load and expand -> Website40 Site -> HTTP listener - WWW -> Security -> SSL.

4. Type in first ROW of data
a. Cert Label - mycert
b. Cert File - Enter path and name of your certificate received. For example: C:\SSL\mycert.der
c. Dist Name File - Enter path and name for servname.der. For example: C:\SSL\servname.der
d. Private Key File - Enter path and name for privkey.der. For example: C:\SSL\privkey.der
e. CA Dir - Enter a temporary path. This is not used, but you must supply a valid path. For example: C:\tmp.
f. CRL Dir - Enter a temporary path. This is not used but you must supply a valid path. For example: C:\tmp.
Click "Apply" to save changes.

5. To configure the Network section for WWW listener, go to HTTP listener -> WWW -> Network.
Add a new ROW of information:
a. Address - Use same information as DEFAULT ROW. For example: ANY.
b. Port - Type port 443 here. SSL port 443 by DEFAULT.
c. Security - Pick SSL from pull-down menu.
d. Host Name - Use same information as DEFAULT ROW.
e. Base Directory - Use same information as DEFAULT ROW.
f. Log Info Directory - Use same information as DEFAULT ROW.
g. Authentication - Use same information as DEFAULT ROW. (NONE)
h. Certificate Label - Type "mycert". This is the same name used on Step #17 above. This entry maps Step #17 with Step# 18.
Click "Apply" to save changes.

6. Now, you are ready to recycle OAS for changed to take place. Go to Website40 Site or First Icon on Your Java Applet menu. Click on "Select All" radio button. Click on the (Reload) button in toolbar. This will properly shut down and restart all OAS processes in the right order.
If everything starts successfully, then try to access your secure page. SSL runs on HTTPS protocol, URL format may look like:

https://myhost.us.domain.com

Try to access that page in your browser. You should get a browser warning stating that you are entering a SECURE site. Just click OK. Secure page should come up.

If you get errors while trying to start WWW listener after making these changes, then check your NT Event Log or svwww.err file. Both logs will point out what is going wrong. Some common mistakes for SSL configuration include incorrect filename spellings and directory structures, problems with certificate file because of copy/pasting, etc. Log files tend to give very specific information in that case for debugging.