implementing ssl with weblogic and e1 business services
DESCRIPTION
Implementing SSL with WebLogic and E1 Business Services. 2013JDE-100530. Agenda. Introductions Experience & References Our Company Current Activity Customer Case Studies Quick Overview of Terms High Level Discussion of need for SSL - PowerPoint PPT PresentationTRANSCRIPT
QuestDirect.org
Implementing SSL with WebLogic and E1 Business Services
2013JDE-100530
2
Agenda• Introductions• Experience & References
• Our Company• Current Activity• Customer Case Studies
• Quick Overview of Terms• High Level Discussion of need
for SSL• Overview of MTR and how/where
to obtain needed certificates• Live Setup and configuration• Questions and Answers• Survey
QuestDirect.org
EnterpriseOne Upgrade Experience and References
3
• Average 15+ years industry experience as CFOs, senior managers, operation specialists and project leaders
• Average 16+ years JDE experience across multiple functional areas
• Highly qualified and certified in multiple areas such as business and consulting disciplines, project management, various tools and technologies
• Senior, industry-recognized technologists, systems architects, developers, and published theorists
• Experience across multiple industries including Manufacturing, Distribution, Pharmaceutical, CPG, Retail, Energy and Gas, Food & Beverage among others
Team Expertise
QuestDirect.org
EnterpriseOne Upgrade Experience and References
Nationwide Organization focused exclusively on JDE Clients & Services
Experience• 750+ years of core JDE Experience around all versions and applications• US based consultants have an average of 15+ years of JDE experience; most are Oracle Certified• 28+ year relationship with Oracle’s JD Edwards Team• Oracle Platinum Partner
Service Specialties• Upgrades, Assessments, Implementations (local , regional, and global)…140+ • Managed Services, Remote DBA Services, iSeries Services, Field Consulting, Application Services• JD Edwards Performance Optimization, Load Balancing, Archiving, High Availability & Hosting• Custom self service end user Training Programs• Confident enough to have a 100% Guarantee on all services
Technologies• Blue Stack / Red Stack / Purple Stack• WebSphere / Oracle Application Server / WebLogic / Fusion Middleware• Terminal Server / Citrix / VMware / Oracle VM• XPI / webMethods / Web Services Gateway / Business Services Server XML & BI Publisher
Affiliations• Member of Oracle’s Technical Task Force• Moderator of Veteran JD Edwards Consultants Group (LinkedIn)• Gold Partner of Quest International Users Group
QuestDirect.org
EnterpriseOne Upgrade Experience and References
Industries
Wholesale Distribution
IndustrialMfg.
Consumer Packaged
Goods
Construct. and
EngineeringHealthcare
, Medical and Life Sciences
Energy and Gas
High Technolog
y
Food and Beverage
Advancing Business Through
QuestDirect.org
EnterpriseOne Upgrade Experience and References
6
QuestDirect.org
QuestDirect.org
EnterpriseOne Upgrade Experience and References
8
A Small Representation of GSI Clients
QuestDirect.org
EnterpriseOne Upgrade Experience and References
QuestDirect.org
EnterpriseOne Upgrade Experience and References
Partnerships
10
QuestDirect.org
Overview of Terms• BSSV (Business services servers) are JD
Edwards EnterpriseOne business function objects that are used for interoperability between JD Edwards EnterpriseOne and other applications or systems
QuestDirect.org
Overview of Terms• LDAP (Lightweight Directory Access
Protocol) is a software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet
QuestDirect.org
Overview of Terms• SSL(Secure Socket Layer) is a commonly-
used protocol for managing the security of a message transmission on the Internet. Typically noted by HTTPS:// when using a browser
QuestDirect.org
Overview of Terms• SSL Certificates are small data files that
digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser
QuestDirect.org
WHY do we need to implement SSL?
Data transmitted between your web browser is done so in plain text. Meaning it is easily susceptible to being captured or viewed by a unauthorized person. More and more companies are implementing LDAP enabled username/passwords meaning your Microsoft network password could be captured.
QuestDirect.org
WHY do we need to implement SSL?
Business services often communicate and pass sensitive data back and forth using clear text for processing. This could be customer account information, employee social security numbers and credit card numbers and banking transit and routing information.
QuestDirect.org
WHY do we need to implement SSL?
More and more organizations utilizing remote data centers and facilities, meaning more and more data is being transmitted across the internet rather than in-house secured equipment. This leave data vulnerable to authorized persons capturing and or viewing business sensitive information.
QuestDirect.org
Review of MTR’S• Go to My Oracle Support• Search latest MTR for Weblogic as well as
current EnterpriseOne tools release to confirm compatibility.
• Confirm browser compatibility prior to starting project.
QuestDirect.org
Obtaining a SSL Certificate• Contact your internal security expert for
guidance.• Search the web
– www.verisign.com– www.freessl.com– http://
www.godaddy.com/ssl/ssl-open-source.aspx
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
Weblogic Installation
QuestDirect.org
SSL Creating a Key StoreFrom Command Line(windows) execute the following
keytool -genkey -alias server_cert -keyalg RSA -keysize 2048 -dname "CN=smc-ss-vmbssv.seaspan.com,OU=ORACLE,O=ORACLE,L=North Vancouver,ST=BC,C=CA" -keypass OraE1Admin -keystore keystore.jks -storepass OraE1Admin keytool -list -v -keystore keystore.jks -storepass OraE1Admin keytool -certreq -v -alias server_cert -file server.csr -keypass OraE1Admin -storepass OraE1Admin -keystore keystore.jks
QuestDirect.org
SSL Creating a Key StoreThis will produce a file that user to request a certificate from your provider(ex godaddy)
Execute again the following commands to generate after receiving file from provider.
keytool -list -keystore E:\Java\jrockit-jdk1.6.0_33-R28.2.4-4.1.0\jre\lib\security\cacerts -storepass changeit -v keytool -import -keystore E:\Java\jrockit-jdk1.6.0_33-R28.2.4-4.1.0\jre\lib\security\cacerts -file C:\Temp\gd-class2-root.crt -storepass changeit -alias rootcacertkeytool -import -keystore E:\Java\jrockit-jdk1.6.0_33-R28.2.4-4.1.0\jre\lib\security\cacerts -file C:\Temp\gd_intermediate.crt -storepass changeit -alias rootcacert2
QuestDirect.org
SSL Creating a Key StoreThis will produce a file that user to request a certificate from your provider(ex godaddy)
Execute again the following commands to generate after receiving file from provider.keytool -list -keystore E:\Java\jrockit-jdk1.6.0_33-R28.2.4-4.1.0\jre\lib\security\cacerts -storepass changeit -v keytool -import -keystore E:\Java\jrockit-jdk1.6.0_33-R28.2.4-4.1.0\jre\lib\security\cacerts -file C:\Temp\gd-class2-root.crt -storepass changeit -alias rootcacertkeytool -import -keystore E:\Java\jrockit-jdk1.6.0_33-R28.2.4-4.1.0\jre\lib\security\cacerts -file C:\Temp\gd_intermediate.crt -storepass changeit -alias rootcacert2 keytool -import -v -noprompt -trustcacerts -alias rootcacert -file c:\temp\gd-class2-root.crt -keystore "E:\Oracle\Middleware\keystore\keystore.jks" -storepass OraE1Admin keytool -import -v -noprompt -trustcacerts -alias rootcacert2 -file c:\temp\gd_intermediate.crt -keystore E:\Oracle\Middleware\keystore\keystore.jks -storepass OraE1Admin copy gd_bundle.crt certchain.p7btype smc-ss-vmbssv.seaspan.com.crt >> certchain.p7bThe file certchain.p7b will be the concatenation of the intermediate CA and the signed server cert. Then import the newly created file under the key alias as follows: keytool -import -keystore E:\Oracle\Middleware\keystore\keystore.jks -file c:\temp\certchain.p7b -alias server_cert -trustcacerts -keypass OraE1Admin -storepass OraE1Admin
QuestDirect.org
SSL Import Keystores
QuestDirect.org
SSL Setup
QuestDirect.org
SSL Setup
QuestDirect.org
SSL Setup
QuestDirect.org
Questions