Tuesday, March 8, 2011

Is it Possible to Clone an SSL Enabled E-Business Suite Middle Tier?

Print this post
The Rapidclone utility does not support like for like cloning of an SSL enabled E-business suite middle tier.
Note 230672.1 Cloning Oracle Applications Release 11i with Rapid Clone
Note 406982.1 Cloning Oracle Applications Release 12 with Rapid Clone

The problem can be broken down into 3 issues

1:- File system changes.

The location of the SSL files on the clone is different to that from the source. From the bug we can see the following were not the same between source and target.

s_frmWalletDir
s_web_ssl_directory
s_web_ssl_keyfile
s_web_ssl_certfile
s_web_ssl_certchainfile

2:- SSL Port is wrong in the clone.

s_webssl_port - Gets Defaulted to 443, ideally it should take Apache Port given during adcfgclone run.

3:- SSL certificates are the same on the clone as they are on source.

This might be a security issue depending on your security requirements.

However Rapidclone will create a clone of an SSL enabled middle tier, but the target will require additional configuration to allow it to function correctly. To progress the issue further you must decide if

A:- You want the middle tier clone to be SSL enabled.

Re-implement SSL on the clone following the note below.

Note 123718.1 11i: A Guide to Understanding and Implementing SSL for Oracle Applications

B:- You want the middle tier clone to be HTTP only.

Remove the SSL configuration added in

Note 123718.1 11i: A Guide to Understanding and Implementing SSL for Oracle Applications

No comments: