To import a trusted certificate, navigate to the Certificate Management page (“ORACLE HTTP Server” à “Security” à “Wallets” select the wallet we just created “ ohs5.mycompany.com ”). By default, the created wallet comes with four trusted certificates that we have to delete before we import the new ones . Simply select the trusted certificated to be deleted and click on “Delete”. Be sure not to delete the Certificate Request (the first one). Then click on Import.
In the Import Certificate dialog select the “Trusted Certificate” within the Certificate Type and then use the file selector to browse your file system to locate the file containing the trusted certificate (rootCA1.cer).
In this first step we will import rootCA1.cer file, repeat the above step for any other Trusted CA Certificates in the chain (rootCA2.cer, rootCA3.cer…).
After every step, a message confirming that the Certificate was successfully imported will appear.
Import the User Certificate
Follow the same steps done in the previous point but in the Import Certificate dialog within the “Certificate Type” box select “Certificate” and then use the file selector to browse your file system to locate the file containing the user certificate (server.cer).
A message confirming that the Certificate was successfully imported will appear.
When the Wallet is complete and contains a valid certificate move to the next step.
We will configure SSL via Fusion Middleware Control. The OHS out of the box install creates an SSL Virtual Host for you, which is configured to use a dummy certificate. The steps below will show how to edit the existing SSL Virtual Host.
Select the Oracle HTTP Server instance in the navigation pane on the left and navigate to Oracle HTTP Server, then Administration, then Virtual Hosts.
This page shows what hosts are currently configured, and whether they are configured for http or https.
Select the virtual host you wish to update, and click Configure, then SSL Configuration.
To configure SSL for a virtual host that is currently using http simply check the Enable SSL box and select a wallet from the drop-down list and for "SSL Authentication" select "Server Authentication”.
Restart the Oracle HTTP Server instance and test that you can connect from a browser to your Virtual Host via https (SSL secured) and that your Oracle HTTP Server is trusted.