Select the appropriate option from the Cipher Suite field. You can select All, or

Creating and Managing Oracle Virtual Directory Listeners 11-25 setKeyStorePassword,java.lang.StringPASSWORD.toCharArray setTrustStorePassword,java.lang.StringPASSWORD.toCharArray 11. Configure the SSL settings for the Listener using the following command and file.prop. An sample file.prop file is given for reference: configureSSL instance1, ovd1, ovd, LDAP SSL Endpoint, PATH_TO_ file.prop Example 11–1 Sample file.prop File SSLEnabled=true AuthenticationType=auth_type SSLVersions=version Ciphers=cipher KeyStore=name_of_your_keystore TrustStore=name_of_your_keystore Important Notes Regarding the file.prop File: ■ Replace the variable values in the Example 11–1 with the values for your environment. ■ If you are configuring the Listener for SSL No-Auth mode, you must select at least one DH_anon cipher. For all other SSL modes, you must select at least one RSA cipher. ■ You must specify the value of the KeyStore parameter when configuring SSL for server-auth and mutual-auth modes. ■ If you specify only AES ciphers, the SSLVersions parameter must contain TLSv1. Note: If you configure a different keystore or change the certificate in the keystore for the Admin Gateway Listener or the LDAP SSL Endpoint Listener, you must import the certificate into the Oracle Enterprise Manager Fusion Middleware Control Agent’s wallet. If you do not import the certificate, Oracle Enterprise Manager Fusion Middleware Control cannot connect to Oracle Virtual Directory to retrieve performance metrics. To import the certificate into the Oracle Enterprise Manager Fusion Middleware Control Agent’s wallet: 1. Export the Oracle Virtual Directory server certificate by executing the following command: ORACLE_HOME jdkjrebinkeytool -exportcert \ -keystore OVD_KEYSTORE_FILE -storepass PASSWORD \ -alias OVD_SERVER_CERT_ALIAS -rfc \ -file OVD_SERVER_CERT_FILE 2. Add the Oracle Virtual Directory server certificate to the Oracle Enterprise Manager Fusion Middleware Control Agent’s Wallet by executing the following command: ORACLE_COMMON_HOME binorapki wallet add -wallet \ ORACLE_INSTANCEEMAGENTEMAGENTsysmanconfigmonwallet \ -trusted_cert -cert OVD_SERVER_CERT_FILE -pwd WALLET_PASSWORD