Enabling Inbound SSL on an Oracle Internet Directory Listener Using WLST

Oracle Fusion Middleware Administrator's Guide: Configuring SSL in Oracle Fusion Middleware

■ Select Enable SSL.
■ For Server Keystore Name, select the keystore you created in step 3, for example, OVDtestJks.
■ For Server Keystore Password, type the keystore password you specified in step 3.
■ For Server Truststore Name, select the keystore you created in step 3, for example, OVDtestJks.
■ For Server Truststore Password, type the keystore password you specified in step 3.
■ Expand Advanced SSL Settings.
■ For SSL authentication, select Server Authentication. This is the default setting.
■ For Cipher Suite, select the applicable cipher suite, in this example All.
■ Click OK.

7. Stop and start the Oracle Virtual Directory instance by navigating to Oracle Virtual Directory, then Control, then Stop and Start.

8. To verify that the instance is correctly SSL-enabled, execute an ldapbind command of the form:

    ldapbind -D cn=orcladmin -U 2 -h host -p SSL_port -W file:DIRECTORY_SSL_WALLET

SSL Enabling in Other Authentication Modes

The steps for SSL-enabling in other authentication modes are similar, except that in the SSL Settings dialog, you would set the appropriate authentication type.

6.6.2.2 Enabling SSL on an Oracle Virtual Directory Listener Using WLST

Take these steps to configure the listener in server-auth mode:

1. Determine the listeners for this Oracle Virtual Directory instance by running the following command:

    listListeners('inst1','ovd1')

   This command lists all the listeners for this instance; select the one that needs to be configured for SSL. For this example, select LDAP SSL Endpoint.

2. Obtain the name of the SSL MBean for the Oracle Virtual Directory listener:

    getSSLMBeanName('inst1', 'ovd1', 'ovd', 'LDAP SSL Endpoint')

   This command will return the SSL MBean name.

3. Set the passwords for the keystore and truststore in the MBean with the following commands:

    cd('SSL_MBean_Name')
    set('KeyStorePassword',java.lang.String('password').toCharArray())
    set('TrustStorePassword',java.lang.String('password').toCharArray())

4. Configure the listener with SSL properties:

    configureSSL('inst1', 'ovd1', 'ovd', 'LDAP SSL Endpoint')

Note:
■ -U 2 represents the server-auth mode.
■ DIRECTORY_SSL_WALLET is the path to a wallet file, not including the wallet file name.
■ This wallet must contain the trusted certificate of the CA that issued the server certificate.

Note: If configuring SSL for an LDAP listener, SSL communication is verified using ldapbind. If it is an HTTP listener, it is verified using a browser.

Note: Steps 2 and 3 are required only for server-auth and mutual-auth modes.
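
The following is an added example, not taken from the Oracle guide: a Python counterpart to the ldapbind server-auth check that also reports the negotiated protocol and cipher, which is worth checking when Cipher Suite is set to All. It assumes the issuing CA's certificate has been exported to a PEM file; the function names and the deny-list entries are illustrative, an assumed local policy.

```python
import socket
import ssl

# Assumed local policy, not from the Oracle guide: name fragments of suites
# and protocol versions that should never be negotiated.
WEAK_CIPHER_MARKERS = ("NULL", "EXP", "RC4", "DES", "MD5", "ADH", "AECDH", "ANON")
WEAK_PROTOCOLS = ("SSLv2", "SSLv3", "TLSv1", "TLSv1.1")


def assess(protocol, cipher):
    """Return findings for a negotiated protocol/cipher pair ([] means clean)."""
    findings = []
    if protocol in WEAK_PROTOCOLS:
        findings.append("deprecated protocol: %s" % protocol)
    for marker in WEAK_CIPHER_MARKERS:
        if marker in cipher.upper():
            findings.append("weak cipher (%s): %s" % (marker, cipher))
            break
    return findings


def probe(host, port, ca_file):
    """Server-auth handshake against the SSL listener.

    Trust is limited to ca_file (PEM), mirroring a wallet that holds only the
    issuing CA. Raises ssl.SSLError if the chain or host name does not verify,
    or if no protocol/cipher acceptable to this client can be negotiated.
    """
    ctx = ssl.create_default_context(cafile=ca_file)
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            protocol, cipher = tls.version(), tls.cipher()[0]
    return protocol, cipher, assess(protocol, cipher)


if __name__ == "__main__":
    import sys
    # Usage: script.py host SSL_port ca.pem
    proto, suite, issues = probe(sys.argv[1], int(sys.argv[2]), sys.argv[3])
    print(proto, suite, issues or "no findings")
```

A handshake failure from probe() is itself a result: either the listener's certificate does not chain to the supplied CA, or the listener offers nothing a current TLS client will accept.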