- Oracle linux http server
- 1.4.3 Setting up a New HTTP Server
- Install and Configure Oracle HTTP Server for Oracle Access Management 12c
- Objective
- Prerequisites
- Download the Oracle HTTP Server 12c Software
- Install Oracle HTTP Server 12c
- Configure HTTP Server
- Start the Servers
- Configure SSL for OHS
- Configure Node Manager for SSL
- Create a Stripe
- Create a Keystore for OHS
- Import the Certificates
- Import the Trusted Certificate to WebLogic Domain
- Export the Keystore to a Wallet
- Enable SSL for OHS
- Next Tutorial
- Feedback
- Acknowledgements
Oracle linux http server
- Preface
- Pre-installation Configuration
- System Requirements
- Obtaining Oracle Linux 6 Installation Media
- Planning the Installation
- Configuring a Network Installation Server
- Setting up a New NFS Server
- Configuring an Existing NFS Server
- Setting up a New HTTP Server
- Configuring an Existing HTTP Server
- Setting up a Network Installation Server
- Modifying a Full DVD Image to Support Btrfs root File System Installation
- Configuring DHCP and TFTP Services to Support PXE Clients
- Configuring Dnsmasq to Support PXE Clients
- About Boot-Loader Configuration Files
- Configuring DHCP to Support iPXE Clients
- Installation Overview
- Starting the Installation
- Continuing the Installation
- Configuring Disk Partitions
- Selecting Software Packages
- Performing FirstBoot Configuration Tasks
- Installing a Btrfs root File System
- Creating a Kickstart File
- Installation Options Section
- Packages Section
- Pre-installation Configuration Section
- Post-installation Configuration Section
- Registering with the Unbreakable Linux Network
- Obtaining Errata and Updates from the Oracle Linux Yum Server
- Obtaining Packages from the Oracle Linux Installation Media
- Applying Updates
- Installing the Unbreakable Enterprise Kernel
- Upgrading the Unbreakable Enterprise Kernel
- Configuring the System Firewall
- Changing the SELinux Mode
The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.1.4.3 Setting up a New HTTP Server
These instructions assume that you are setting up an Oracle Linux 6 system as an Apache HTTP server.
#
mkdir -p /var/www/html/OSimage/OL6.6
If SELinux is enabled in enforcing mode on your system, create the directory under the /var/www/html directory hierarchy so that the httpd_sys_content_t file type is set automatically on all the files in the repository.
If the server does not have a resolvable domain name, enter its IP address instead. For example, the following entry would be appropriate for an HTTP server with the IP address 192.168.1.100.
# # This should be changed to whatever you set DocumentRoot to. #
Options Indexes FollowSymLinks
#
service httpd start
#chkconfig httpd on
#
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#service iptables save
Copyright © 2013, 2021, Oracle and/or its affiliates. Legal Notices
Install and Configure Oracle HTTP Server for Oracle Access Management 12c
This tutorial shows you how to install and configure Oracle HTTP Server and WebGate 12c for use with Oracle Access Management 12c.
This is the eighth tutorial in the series Getting Started with Oracle Access Management 12c. Read them sequentially.
Objective
Most organizations use Oracle HTTP Server as a front end to access web applications. Oracle WebGate is used to protect web applications with Oracle Access Management.
Prerequisites
Download the Oracle HTTP Server 12c Software
In this section, you download Oracle HTTP Server (OHS) 12c software. In this release Oracle WebGate software is included in the Oracle HTTP Server installation.
- Launch a browser and navigate to Oracle Web Tier Downloads.
- Under Oracle HTTP Server 12.2.1.4, select Linux 64-bit. Accept the license agreement and download the Oracle HTTP Server 12.2.1.4.0 software, fmw_12.2.1.4.0_ohs_linux64_Disk1_1of1.zip .
- After the download is complete, move the zip file to a staging directory e.g: /stage/OHS12c and unzip it.
Install Oracle HTTP Server 12c
cd /stage/OHS12c ./fmw_12.2.1.4.0_ohs_linux64.bin
Configure HTTP Server
- Launch a terminal window as oracle and enter the following commands to stop the WebLogic Admin Server:
cd /u01/app/oracle/admin/domains/oam_domain/bin ./stopWebLogic.sh
cd /u01/app/oracle/product/middleware/oracle_common/common/bin ./config.sh
Start the Servers
- Launch a terminal window as oracle and run the following commands to start the WebLogic AdminServer:
cd /u01/app/oracle/admin/domains/oam_domain/bin ./startWebLogic.sh
cp -R /u01/app/oracle/admin/domains/oam_domain/config/fmwconfig/components/OHS/ohs1 /u01/app/oracle/admin/domains/oam_domain/config/fmwconfig/components/OHS/instances
cd /u01/app/oracle/admin/domains/oam_domain/bin ./stopNodeManager.sh ./startNodeManager.sh
cd /u01/app/oracle/admin/domains/oam_domain/bin ./startComponent.sh ohs1
Successfully Connected to Node Manager. Starting server ohs1 . Successfully started server ohs1 . Successfully disconnected from Node Manager. Exiting WebLogic Scripting Tool. Done
Configure SSL for OHS
In this section you configure SSL for OHS.
Configure Node Manager for SSL
In this section we update Node Manager to use the oam_keystore.jks .
- Edit the /u01/app/oracle/admin/domains/oam_domain/nodemanager/nodemanager.properties , add the following lines and save the file:
KeyStores=CustomIdentityandCustomTrust CustomIdentityKeyStoreFileName=/u01/app/oracle/admin/domains/oam_domain/keystore/oam_keystore.jks CustomIdentityAlias=server_cert CustomIdentityPrivateKeyPassPhrase= CustomTrustKeyStoreFileName=/u01/app/oracle/admin/domains/oam_domain/keystore/oam_keystore.jks
cd /u01/app/oracle/admin/domains/oam_domain/bin ./stopNodeManager.sh ./startNodeManager.sh
Create a Stripe
- Launch a browser and access Oracle Fusion Middleware Control: https://oam.example.com:7002/em . Login as weblogic / .
- Navigate to WebLogic Domain >Security >Keystore. Click on Create Stripe.
- Enter a Stripe Name called OHS and click OK.
Create a Keystore for OHS
- From the navigation menu (top left), select HTTP Server >ohs1.
- From the drop down menu select Oracle HTTP Server >Security >Keystore.
- Click on Create Keystore, enter Keystore Name as ohs1_keystore and click OK.
- Select the new keystore and click Manage.
- Click on Generate Keypair and CSR. Enter the fields as follows and click OK:
- Alias: ohs_cert
- Common name: oam.example.com
- Country: US
The rest of the fields can be left as is.
cd /stage/ssl openssl x509 -req -days 36500 -in ohs_cert.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out ohs_cert.crt
Signature ok subject=/C=US/CN=oam.example.com Getting CA Private Key
Import the Certificates
- From the navigation menu (top left), select HTTP Server >ohs1
- From the drop down menu select Oracle HTTP Server >Security >Keystore and click Manage.
- Click on Import.
- In the Certificate Type, select Trusted Certificate . Enter the alias as ca_cert and either paste the contents of the root CA certificate ca.crt or select the ca.crt file and click OK. Note: If your CA has more than one CA certificate in the chain, then you must repeat the above for each certificate using a different alias each time.
- Click on Import again, and import the ohs_cert.crt . From the alias drop down menu select ohs_cert and either paste the contents of the ohs_cert.crt or select the file and click OK.
Import the Trusted Certificate to WebLogic Domain
- From the navigation menu (top left), select WebLogic Domain >oam_domain.
- From the WebLogic Domain drop down menu select Security >Keystore.
- Expand system and select trust. Click Manage.
- In the Manage Certificates: system/trust, click Import.
- In the Certificate Type, select Trusted Certificate . Enter the alias as ca_cert and either paste the contents of the root CA certificate ca.crt or select the ca.crt file and click OK. Note: If your CA has more than one CA certificate in the chain, then you must repeat the above for each certificate using a different alias each time.
Export the Keystore to a Wallet
- From the navigation menu (top left), select HTTP Server >ohs1.
- From the drop down menu select Oracle HTTP Server >Security >Keystore.
- Click the padlock (top right hand corner) and select Lock and Edit.
- Select the ohs1_keystore and click Export Keystore to Wallet. Note: This does not download a file, but creates the cwallet.sso directly on the file system where OHS resides.
- Click the padlock (top right hand corner) and select Activate Changes.
Enable SSL for OHS
- Click the padlock (top right hand corner) and select Lock and Edit.
- Navigate to Oracle HTTP Server >Administration >Virtual Hosts.
- Select :4443 and click Configure >SSL Configuration.
- In the Server Wallet Name, from the drop down menu select the path to the ohs1_keystore . Click OK.
- Click the padlock (top right hand corner) and select Activate Changes.
- Click Restart to restart OHS.
- Launch a browser and check the OHS is accessible via HTTPS by accessing the URL https://oam.example.com:4443 .
Next Tutorial
Feedback
To provide feedback on this tutorial, please contact idm_user_assistance_ww_grp@oracle.com.
Acknowledgements
Install and Configure Oracle HTTP Server for Oracle Access Management 12c
Copyright © 2022, Oracle and/or its affiliates.