Configuring Security 6-5 The following components use Oracle wallet: ■ Oracle HTTP Server ■ Oracle Web Cache ■ Oracle Internet Directory

6.4.2 Enabling SSL Between a Browser and Oracle HTTP Server

You can enable SSL on the communication path between a client browser and a Web server. In this case, you configure the virtual host for Oracle HTTP Server to listen in SSL mode, as described in the following topics: ■ Enabling SSL for Inbound Traffic to Oracle HTTP Server Virtual Hosts ■ Enabling SSL for Outbound Traffic from Oracle HTTP Server Virtual Hosts

6.4.2.1 Enabling SSL for Inbound Traffic to Oracle HTTP Server Virtual Hosts

To enable SSL for inbound traffic to Oracle HTTP Server virtual hosts: 1. Create an Oracle wallet: a. In the navigation pane, expand the farm, then Web Tier. Select an Oracle HTTP Server instance. b. From the Oracle HTTP Server menu, choose Security, then Wallets. The Wallets page is displayed. c. Click Create. The Create Wallet page is displayed, as shown in the following figure: d. For Wallet Name, enter a descriptive wallet name. e. Check or uncheck Autologin, depending on whether your wallet is an auto-login wallet. The default is an auto-login wallet. If you do not check Autologin, for Wallet Password, enter a password, then enter the same password in Confirm Password. f. Click OK to create the wallet. A confirmation box is displayed. g. The confirmation box asks if you want to create a certificate request. Click Yes. The Create Wallet: Add Certificate Request page is displayed. h. For Common Name, enter a name for the certificate request. 6-6 Oracle Fusion Middleware 2 Day Administration Guide i. Enter information about your organization. j. For Key Size, select a size. k. Click OK. l. To get the certificate signed by a certificate authority CA, you must export the certificate request out of the wallet and send it to your CA. After the issued certificate is returned, you must import it back into your wallet. Now your wallet is ready to use. 2. From the HTTP Server menu, choose Administration, then Virtual Hosts. The Virtual Hosts page is displayed. 3. Select a virtual host and choose Configure, then SSL Configuration. The SSL Configuration page is displayed, as shown in the following figure: 4. Select Enable SSL. 5. For Server Wallet Name, select the wallet. 6. From the Server SSL properties, select the SSL Authentication type, Cipher Suites to use, and the SSL protocol version. 7. Click OK. 8. Restart Oracle HTTP Server. From the Oracle HTTP Server menu, choose Control, then Restart. 9. Now, you can test this by visiting the Oracle HTTP Server page over SSL in a browser. Use a URL of the form https:host:port, where you replace the host and port with values relevant to your own environment.

6.4.2.2 Enabling SSL for Outbound Traffic from Oracle HTTP Server Virtual Hosts