Advertisements

Archive for June, 2016

FMW 12.2.1.1 is released !!!

FMW 12.2.1.1 was released last week and it seems to be a patch release for 12.2.1. Some quick links related to SOA are given below.

 

 

 

 

 

Advertisements

12.2.1 OSB JDev Issues

The following information is related to 12.2.1 release unless stated otherwise.

Issue 1:

OSB projects are being converted to SOA projects after adding a XQuery to workspace. You can confirm this by looking at components window which shows SOA related components after opening a pipeline.

Fortunately, this issue is already documented by in support note 2090174.1 and the solution is applying the patch 22226040. Refer to this post for instructions on applying the patch. Make sure that ORACLE_HOME and MW_HOME are pointing to right locations when you have multiple middleware homes.

Verify that patch is successfully applied by issuing opatch lspatches. Restart jdeveloper after clearing the cache (system directory).

If you still see this issue, verify the jpr files TechnologyScopeConfiguration does not have SOA entry similar to below.

<hash n=”oracle.ide.model.TechnologyScopeConfiguration”>
<list n=”technologyScope”>
<string v=”Maven”/>
<string v=”ServiceBusTechnology”/>
<string v=”WSDL”/>
<string v=”WSPolicy”/>
<string v=”XML”/>
</list>
</hash>

Issue 2:

For the first time, jdeveloper is getting stuck saying ‘Loading Maven…’ when opening any existing Service Bus application. To resolve the issue, modify the version to 12.2.1-0-0 in parent section of pom files of service bus projects including System project. Sample is shown below.

<parent>
<groupId>com.oracle.servicebus</groupId>
<artifactId>sbar-project-common</artifactId>
<version>12.2.1-0-0</version>
</parent>

SSL using KSS

In this post, we will use KSS (Keystore Service) for SSL setup. The screenshots showed in this post are based on SOA 12.2.1 but these steps remain same for 12.1.3 as well.

Creating Application Stripe:

ks1

ks2

stripe

Creating KSS Keystore:

kscreate

kssadmin

Creating Keypair:

kssmng

genkeypair

keypair

Oracle recommends key size to be more than equal to 1024. If we want to get it signed by any CA, we can generate CSR by clicking Generate CSR which is recommended for Production env. But for Development purpose we can use this keystore as it is.

keypair1

Clicking on alias name will bring up the following screen showing the certificate information.

cert

Configuring 1-Way SSL:

Enable SSL port by navigating to Environment –> Severs-> Admin Sever –> General.

sslport

Go to Keystores tab. Click Change to select Custom Identity and Custom  Trust as shown below and click Save to save the changes.

customkss

Modify Custom Identity and Trust stores as shown below. observe the usage of system trust store kss://system/trust. Oracle recommends this approach to simplify the trusted certificates setup.

customkss2

Go to SSL tab and give the Private key alias as shown below. Here give the password as “password” and click Save. See related note at end of this post.

ssl

Go to Advanced settings and set Hostname verification to None and also set Two way Client Cert Behavior to Clients Certs not Required as we are doing setup for 1-way SSL. This setting will enforce WLS server not to request client certificates.

advc

Restart the server and now we should be able to access admin console using HTTPS URL like http://localhost:7002/console.

Similarly, configure OSB managed server using same Keystore or by creating a new one similar to above as shown in the following screenshots.. Restart the server after changes.

osbssl

customkss2

ssl

Enable HTTPS for OSB proxy service as shown below.

proxyhttps

And now we should be able to access the proxy service WSDL using HTTPS URL like https://localhost:7008/entity/CustomerService?wsdl

Refer to this post for 2-way SSL setup and follow below steps to import the certificate into trust store.

trust

trust1

importcert

importcert1

Note that KSS does not support certificate in binary format which is the default encoding used by JKS. We can use –rfc option of keytool command to export the certificate into printable encoding format as shown below.

keytool -export -keystore .\soakeystore.jks -file cert.cer -alias localsoa -rfc

Note:

When no Private Key Passphrase is mentioned in the SSL tab, em console is not accessible and following errors are shown in the log.

em

References:

https://docs.oracle.com/middleware/1212/owsm/OWSMS/configure-owsm-ssl.htm#OWSMS119

https://docs.oracle.com/middleware/1212/idm/JISEC/kssadm.htm#JISEC9596


Advertisements

Pages

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 342 other followers

Enter your email address to follow this blog and receive notifications of new posts by email.