Hyperion SSL安装

Installing and Configuring Oracle? Hyperion Enterprise Performance Management System 11.1.2 with SSL Enabled on All Layers

Purpose

This tutorial covers installation and configuration of Oracle? Hyperion Enterprise Performance Management (EPM) System 11.1.2 with Secure Sockets Layer (SSL) enabled on all layers, with WebLogic 11gR1 and Oracle HTTP Server (OHS) 11gR1.

Time to Complete

Approximately 4 hours

Topics

This tutorial covers the following topics:

Overview

Hyperion SSL安装

Scenario

Hyperion SSL安装

Prerequisites

Hyperion SSL安装

Installing EPM System

Hyperion SSL安装

Configuring Foundation Services and Enabling SSL

Hyperion SSL安装

Defining and Importing Certificates

Hyperion SSL安装

Configuring OHS Web Server

Hyperion SSL安装

Configuring WebLogic Applications with SSL

Hyperion SSL安装

Installing Remaining Products

Hyperion SSL安装

Summary

Hyperion SSL安装

Resources

Hyperion SSL安装

Viewing Screenshots

Click icon to hide all screenshots

Note: Alternatively, you can click an individual icon (or image) associated with each step to view (or hide) the screenshot associated with that step.

Overview

In this tutorial, you perform a full SSL EPM System 11.1.2 installation and configuration. You learn how to:

?Define and manage certificates for Oracle Wallet and JKS

?Configure OHS for SSL

?Configure WebLogic for SSL

?Configure EPM System for SSL

This tutorial uses the same principle as other SSL configurations (for example, SSL offloading and two-way SSL), that is separating internal and external communications flows with two URLs:

http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html for browser and Smart View client connections to the web server; and

http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html for server to server communications. Deployment architecture:

Hyperion SSL安装

Back to Topic List Scenario

You are tasked with enabling SSL on a new EPM System installation. Your company is using its own certification authority to sign certificates, not relying on trusted third party root ca (root certificate

authority).

Your setup is composed of seven machines:

?OHS web server to proxy requests to web applications

?Two WebLogic servers to run Planning and other java applications

?Two Internet Information Services (IIS) servers to run Financial Management and other IIS application servers

?Oracle Database server

?External LDAP server

Back to Topic List Prerequisites

Before starting this tutorial, you should:

1. Download EPM System 11.1.2 assemblies from http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html, including WebLogic 11gR1

and OHS 11gR1

2. Define two DNS aliases - http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html and http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html pointing to your

OHS server.

Back to Topic List Installing EPM System

Follow the steps below to install EPM System:

1

Launch installTool.cmd.

.

2

At the bottom of the installer window, ensure the prerequisites are met, and click Next.

.

Hyperion SSL安装

3.

Enter the Middleware home, for example, d:\Oracle\Middleware , and click Next . 4.

Select New Installation > Choose components by tier , and click Next . 5. In the Web Application colomn, select Foundation Services Web Applications , and uncheck all other components.

6.

Follow the wizard steps to complete the installation. Back to Topic List

Configuring Foundation Services and Enabling SSL

Configuring Foundation Services for SSL on WebLogic Server

1 . Import the root certification authority certificate for the database server for SSL JDBC into EPM Configurator keystore located in

EPMSystem11r1/common//Sun/1.6.0/lib/security/cacerts. Use the following command:

%EPM_ORACLE_HOME%\common\JRE\Sun\1.6.0\bin\keytool.exe -import -alias myrootca

-keystore %EPM_ORACLE_HOME%\common\JRE\Sun\1.6.0\lib\security\cacerts -trustcacerts -file %EPM_ORACLE_HOME%\ssl\CA.crt -storepass changeit

Note: The default password is changeit .

2 . From the Start menu, select All Programs > Oracle EPM System > Foundation Services > EPM System Configurator.

The EPM System Configurator is launched.

3

.

Under Hyperion Foundation, select the following components:

Common Settings

Configure Database

Configure Oracle Configuration Manager

Deploy to Application Server

The "Set up Shared Services and Registry Database Connection associated with the instance home" dialog box is displayed.

4 . Click Advanced options, set up the SSL JDBC URL as specified in the following figure, and click OK.

Hyperion SSL安装

5 . Select Create Windows Services for configured components and Use SSL for Web application server communications (Requires manual configuration).

Hyperion SSL安装

Hyperion SSL安装

Note: If you have an SSL SMTP server, select Use SSL to communicate with mail server.

6

Click Next.

.

The "Information of the WebLogic Domain to which the web applications are deployed" dialog box is

displayed.

Hyperion SSL安装

7

Select Define a new Domain to deploy the web applications and enter a password for the domain. .

Note: Make sure the password has at least eight alphanumeric characters and at least one number or special character.

8

Click Next.

.

The Application Server Deployment: Oracle WebLogic dialog box is displayed.

9

.

In the Advanced column, click Set up for each Ear/War component. The Advanced Setup dialog box is displayed.

1 0 . Define a new logical address http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html (internal load balancer host) for Workspace and Shared Services. Specify the internal load balancer SSL port 19443.

Hyperion SSL安装

Hyperion SSL安装

1 1 . Click OK.

Hyperion SSL安装

The Oracle Configuration Manager Registration dialog box is displayed.

1 2 . Select the desired setting and click Next.

Hyperion SSL安装

The "Set Shared Services admin user password" dialog box is displayed.

1 3 . Click Next.

Hyperion SSL安装

The list of products and tasks to be configured is displayed.

1 4 . Click Next

Hyperion SSL安装

to complete the configuration.

Hyperion SSL安装

15.

Click Finish . Configuring Web Server

1.

On the OHS server, launch EPM System Configurator, and select Configure Web Server

.

Hyperion SSL安装

2

Click Next.

.

The Configure Web Server dialog box is displayed.

Hyperion SSL安装

Note: This step configures OHS using HTTP. SSL configuration is manual, after certificates are created.

3

Click Next.

.

The list of configuration tasks is displayed.

Hyperion SSL安装

4.

Click Next to complete the configuration.

Hyperion SSL安装

5

Click Finish.

.

Back to Topic List Defining and Importing Certificates

You need eight server certificates for this configuration:

?Two server certificates for OHS ( http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html and http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html). These two certificates are stored in the same Oracle Wallet.

?WebLogic servers 1 and 2 ( http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html and http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html). These certificates are stored in java keystores.

?IIS ( http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html and http://m.wendangku.net/doc/16632c4b4431b90d6c85c7d1.html). The certificates are stored in the windows

keystore.

相关推荐
相关主题
热门推荐