Oracle linux http server

Oracle linux http server

  • Preface
  • Pre-installation Configuration
    • System Requirements
    • Obtaining Oracle Linux 6 Installation Media
    • Planning the Installation
    • Configuring a Network Installation Server
      • Setting up a New NFS Server
      • Configuring an Existing NFS Server
      • Setting up a New HTTP Server
      • Configuring an Existing HTTP Server
      • Setting up a Network Installation Server
      • Modifying a Full DVD Image to Support Btrfs root File System Installation
      • Configuring DHCP and TFTP Services to Support PXE Clients
      • Configuring Dnsmasq to Support PXE Clients
      • About Boot-Loader Configuration Files
      • Configuring DHCP to Support iPXE Clients
      • Installation Overview
        • Starting the Installation
        • Continuing the Installation
        • Configuring Disk Partitions
        • Selecting Software Packages
        • Performing FirstBoot Configuration Tasks
        • Installing a Btrfs root File System
        • Creating a Kickstart File
          • Installation Options Section
          • Packages Section
          • Pre-installation Configuration Section
          • Post-installation Configuration Section
          • Registering with the Unbreakable Linux Network
          • Obtaining Errata and Updates from the Oracle Linux Yum Server
          • Obtaining Packages from the Oracle Linux Installation Media
          • Applying Updates
          • Installing the Unbreakable Enterprise Kernel
          • Upgrading the Unbreakable Enterprise Kernel
          • Configuring the System Firewall
          • Changing the SELinux Mode

          The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
          Oracle recommends that you upgrade the software described by this documentation as soon as possible.

          1.4.3 Setting up a New HTTP Server

          These instructions assume that you are setting up an Oracle Linux 6 system as an Apache HTTP server.

          # mkdir -p /var/www/html/OSimage/OL6.6

          If SELinux is enabled in enforcing mode on your system, create the directory under the /var/www/html directory hierarchy so that the httpd_sys_content_t file type is set automatically on all the files in the repository.

          If the server does not have a resolvable domain name, enter its IP address instead. For example, the following entry would be appropriate for an HTTP server with the IP address 192.168.1.100.

          # # This should be changed to whatever you set DocumentRoot to. # 
          Options Indexes FollowSymLinks
          # service httpd start # chkconfig httpd on
          # iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT # service iptables save

          Copyright © 2013, 2021, Oracle and/or its affiliates. Legal Notices

          Источник

          Install and Configure Oracle HTTP Server for Oracle Access Management 12c

          This tutorial shows you how to install and configure Oracle HTTP Server and WebGate 12c for use with Oracle Access Management 12c.

          This is the eighth tutorial in the series Getting Started with Oracle Access Management 12c. Read them sequentially.

          Objective

          Most organizations use Oracle HTTP Server as a front end to access web applications. Oracle WebGate is used to protect web applications with Oracle Access Management.

          Prerequisites

          Download the Oracle HTTP Server 12c Software

          In this section, you download Oracle HTTP Server (OHS) 12c software. In this release Oracle WebGate software is included in the Oracle HTTP Server installation.

          1. Launch a browser and navigate to Oracle Web Tier Downloads.
          2. Under Oracle HTTP Server 12.2.1.4, select Linux 64-bit. Accept the license agreement and download the Oracle HTTP Server 12.2.1.4.0 software, fmw_12.2.1.4.0_ohs_linux64_Disk1_1of1.zip .
          3. After the download is complete, move the zip file to a staging directory e.g: /stage/OHS12c and unzip it.

          Install Oracle HTTP Server 12c

          cd /stage/OHS12c ./fmw_12.2.1.4.0_ohs_linux64.bin 

          Configure HTTP Server

          1. Launch a terminal window as oracle and enter the following commands to stop the WebLogic Admin Server:
          cd /u01/app/oracle/admin/domains/oam_domain/bin ./stopWebLogic.sh 
          cd /u01/app/oracle/product/middleware/oracle_common/common/bin ./config.sh 

          Start the Servers

          1. Launch a terminal window as oracle and run the following commands to start the WebLogic AdminServer:
          cd /u01/app/oracle/admin/domains/oam_domain/bin ./startWebLogic.sh 
          cp -R /u01/app/oracle/admin/domains/oam_domain/config/fmwconfig/components/OHS/ohs1 /u01/app/oracle/admin/domains/oam_domain/config/fmwconfig/components/OHS/instances 
          cd /u01/app/oracle/admin/domains/oam_domain/bin ./stopNodeManager.sh ./startNodeManager.sh 
          cd /u01/app/oracle/admin/domains/oam_domain/bin ./startComponent.sh ohs1 
          Successfully Connected to Node Manager. Starting server ohs1 . Successfully started server ohs1 . Successfully disconnected from Node Manager. Exiting WebLogic Scripting Tool. Done 

          Configure SSL for OHS

          In this section you configure SSL for OHS.

          Configure Node Manager for SSL

          In this section we update Node Manager to use the oam_keystore.jks .

            Edit the /u01/app/oracle/admin/domains/oam_domain/nodemanager/nodemanager.properties , add the following lines and save the file:

          KeyStores=CustomIdentityandCustomTrust CustomIdentityKeyStoreFileName=/u01/app/oracle/admin/domains/oam_domain/keystore/oam_keystore.jks CustomIdentityAlias=server_cert CustomIdentityPrivateKeyPassPhrase= CustomTrustKeyStoreFileName=/u01/app/oracle/admin/domains/oam_domain/keystore/oam_keystore.jks 
          cd /u01/app/oracle/admin/domains/oam_domain/bin ./stopNodeManager.sh ./startNodeManager.sh 

          Create a Stripe

          1. Launch a browser and access Oracle Fusion Middleware Control: https://oam.example.com:7002/em . Login as weblogic / .
          2. Navigate to WebLogic Domain >Security >Keystore. Click on Create Stripe.
          3. Enter a Stripe Name called OHS and click OK.

          Create a Keystore for OHS

          1. From the navigation menu (top left), select HTTP Server >ohs1.
          2. From the drop down menu select Oracle HTTP Server >Security >Keystore.
          3. Click on Create Keystore, enter Keystore Name as ohs1_keystore and click OK.
          4. Select the new keystore and click Manage.
          5. Click on Generate Keypair and CSR. Enter the fields as follows and click OK:
            • Alias: ohs_cert
            • Common name: oam.example.com
            • Country: US

          The rest of the fields can be left as is.

          cd /stage/ssl openssl x509 -req -days 36500 -in ohs_cert.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out ohs_cert.crt 
          Signature ok subject=/C=US/CN=oam.example.com Getting CA Private Key 

          Import the Certificates

          1. From the navigation menu (top left), select HTTP Server >ohs1
          2. From the drop down menu select Oracle HTTP Server >Security >Keystore and click Manage.
          3. Click on Import.
          4. In the Certificate Type, select Trusted Certificate . Enter the alias as ca_cert and either paste the contents of the root CA certificate ca.crt or select the ca.crt file and click OK. Note: If your CA has more than one CA certificate in the chain, then you must repeat the above for each certificate using a different alias each time.
          5. Click on Import again, and import the ohs_cert.crt . From the alias drop down menu select ohs_cert and either paste the contents of the ohs_cert.crt or select the file and click OK.

          Import the Trusted Certificate to WebLogic Domain

          1. From the navigation menu (top left), select WebLogic Domain >oam_domain.
          2. From the WebLogic Domain drop down menu select Security >Keystore.
          3. Expand system and select trust. Click Manage.
          4. In the Manage Certificates: system/trust, click Import.
          5. In the Certificate Type, select Trusted Certificate . Enter the alias as ca_cert and either paste the contents of the root CA certificate ca.crt or select the ca.crt file and click OK. Note: If your CA has more than one CA certificate in the chain, then you must repeat the above for each certificate using a different alias each time.

          Export the Keystore to a Wallet

          1. From the navigation menu (top left), select HTTP Server >ohs1.
          2. From the drop down menu select Oracle HTTP Server >Security >Keystore.
          3. Click the padlock (top right hand corner) and select Lock and Edit.
          4. Select the ohs1_keystore and click Export Keystore to Wallet. Note: This does not download a file, but creates the cwallet.sso directly on the file system where OHS resides.
          5. Click the padlock (top right hand corner) and select Activate Changes.

          Enable SSL for OHS

          1. Click the padlock (top right hand corner) and select Lock and Edit.
          2. Navigate to Oracle HTTP Server >Administration >Virtual Hosts.
          3. Select :4443 and click Configure >SSL Configuration.
          4. In the Server Wallet Name, from the drop down menu select the path to the ohs1_keystore . Click OK.
          5. Click the padlock (top right hand corner) and select Activate Changes.
          6. Click Restart to restart OHS.
          7. Launch a browser and check the OHS is accessible via HTTPS by accessing the URL https://oam.example.com:4443 .

          Next Tutorial

          Feedback

          To provide feedback on this tutorial, please contact idm_user_assistance_ww_grp@oracle.com.

          Acknowledgements

          Install and Configure Oracle HTTP Server for Oracle Access Management 12c

          Copyright © 2022, Oracle and/or its affiliates.

          Источник

          Читайте также:  Samsung proxpress m4020nd astra linux
Оцените статью
Adblock
detector