Using SSL with the Oracle HTTP Server

You can configure the Oracle HTTP Server to use SSL encryption between the browser and the HTTP Server by following the steps below. Before you start you have to create a Wallet and load a SSL certificated in it as explained here.

1. Input your wallet directory in the ssl.conf file, located in ORACLE_HOME\Apache\Apache\conf. Look for SSLWallet. For example:

   SSLWallet file:D:\OracleDb10gcom\myWallet\

2. Change ssl-disabled to ssl-enabled in opmn.xml located in ORACLE_HOME\opmn\conf
3. Restart the Apache HTTP server. Start => Programs => (Your Oracle Home) => Oracle HTTP Server or use opmnctl stopall and opmnctl stopall

Now you can use SSL. Try running your application, but remember to change the port to 4443 and replace http with https.

You can also stile run the application without SSL. To prevent this you need to configure the Apache HTTP server to always redirect http requests to https. This can be accomplished in several ways. AntonNielsen suggests putting these lines last in the ORACLE_HOME\Apache\Apache\conf\httpd.conf file:

RewriteEngine On
RewriteCond %{SERVER_PORT} !^4443$
RewriteRule ^/pls/apex/(.*)$ https://apex.corp.wmdata.net/pls/apex/$1 [L,R]

I could not get it working so I did this:

RewriteEngine On
RewriteRule   ^/pls/apex/(.*)$ https://apex.corp.wmdata.net:4443/pls/apex/$1 [L,R]

I am not sure if this will redirect all requests including the ones already in the right format.


Author: PeterLorenzen - 22 Apr 2007

Comments