Configuring Node Manager to Use the Custom Keystores
9.3.4 Configuring Node Manager to Use the Custom Keystores
To configure Node Manager to use the custom keystores, add the following lines to the end of the nodemanager.properties file located in the WL_HOMEcommon nodemanager directory: KeyStores=CustomIdentityAndCustomTrust CustomIdentityKeyStoreFileName=Identity_Keystore CustomIdentityKeyStorePassPhrase=Identity_Keystore_Password CustomIdentityAlias=Identity_Keystore_Alias CustomIdentityPrivateKeyPassPhrase=Private_Key_Used_When_Creating_Certificate Make sure to use the correct value for CustomIdentityAlias on each node; that is, the custom identity alias specifically assigned to that node, for example for ...HOST2: KeyStores=CustomIdentityAndCustomTrust CustomIdentityKeyStoreFileName=ORACLE_BASEadmindomain_nameaserverdomain_name certsappIdentityKeyStore.jks CustomIdentityKeyStorePassPhrase=welcome1 CustomIdentityAlias=appIdentity2 CustomIdentityPrivateKeyPassPhrase=welcome1 The passphrase entries in the nodemanager.properties file get encrypted when you start Node Manager as described in Section 9.4, Starting Node Manager. For security reasons, you want to minimize the time the entries in the nodemanager.properties file are left unencrypted. After you edit the file, you should start Node Manager as soon as possible so that the entries get encrypted. When using a commonshared storage installation for MW_HOME, Node Manager is started from different nodes using the same base configuration nodemanager.properties. In that case, it is required to add the certificate for all the nodes that share the binaries to the appIdentityKeyStore.jks identity store. To do this, create the certificate for the new node and import it to appIdentityKeyStore.jks as in Section 9.3.2, Creating an Identity Keystore Using the utils.ImportPrivateKey Utility. Once the certificates are available in the store, each node manager needs to point to a different identity alias to send the correct certificate to the administration server. To do this, set different environment variables before starting Node Manager in the different nodes: HOST cd WL_HOMEserverbin HOST export JAVA_OPTIONS=-DCustomIdentityAlias=appIdentityX Note: Make sure to specify the custom identity alias specifically assigned to each host, so appIdentity1 for ...HOST1 and appIdentity2 for ...HOST2. 9-6 Oracle Fusion Middleware Enterprise Deployment Guide for Oracle ECM Suite9.3.5 Configuring Managed WLS Servers to Use the Custom Keystores
Parts
» Oracle Fusion Middleware Online Documentation Library
» What Is an Enterprise Deployment? About Oracle Enterprise Content Management Suite
» Built-In Security High Availability
» Terminology Oracle Fusion Middleware Online Documentation Library
» Oracle Identity Management Web Tier
» Abbreviations Hardware Requirements What to Install
» Installation Procedure Oracle Fusion Middleware Online Documentation Library
» Database Host Requirements Supported Database Versions Initialization Parameters
» Loading the Oracle Fusion Middleware Metadata Repository in the Oracle RAC Database
» ecm.mycompany.com admin.mycompany.com soainternal.mycompany.com ecminternal.mycompany.com
» IPs and Virtual IPs Firewalls and Ports
» Terminology for Directories and Directory Environment Variables
» Recommended Locations for the Different Directories
» Shared Storage Configuration Shared Storage and Recommended Directory Structure
» LDAP as Credential and Policy Store
» Configuring the Oracle Web Tier
» Enabling ADMINVHN on SOAHOST1 Running the Configuration Wizard on SOAHOST1 to Create a Domain
» Configuring Oracle HTTP Server for the Administration Server
» Assumptions and Procedure Manually Failing Over the Administration Server to SOAHOST2
» Validating Access Through Oracle HTTP Server Backing Up the Installation
» Configuring Oracle Coherence for Deploying Composites
» Configuring the Java Object Cache for Oracle Web Services Manager
» Configuring Oracle HTTP Server for the WLS_SOA Managed Servers
» Setting the Frontend HTTP Host and Port Validating Access Through Oracle HTTP Server
» Enabling High Availability for Oracle File and FTP Adapters
» About Adding Oracle UCM to a Domain Extending the Domain to Include Oracle UCM
» Restarting the Administration Server Configuring a JMS Persistence Store for Oracle IPM JMS
» Configuring BPEL CSF Credentials
» About Setting Up Node Manager
» Generating Self-Signed Certificates Using the utils.CertGen Utility
» Configuring Node Manager to Use the Custom Keystores
» Configuring Managed WLS Servers to Use the Custom Keystores
» Testing the Server Migration
» Create an LDIF file assumed to be jpstestnode.ldif in this example
» Cataloging Oracle Internet Directory Attributes
» Overview of Oracle Access Manager Integration Prerequisites for Oracle Access Manager
» Running the OAM Configuration Tool
» Installing and Configuring WebGate
» Back Up Configuration Files Setting the Order of Providers
» Move to the following directory under your Oracle Home for Webgate:
» Updating the OAM11gRequest File
» Monitoring the Topology Defining an Optimal Input File Strategy for Oracle IPM
» Configuring UMS Drivers Oracle Fusion Middleware Online Documentation Library
» Choose the Automatic Server Migration Enabled option. This enables Node Click Save.
» Performing Backups and Recoveries
» Page Not Found When Accessing soa-infra Application Through Load Balancer
Show more