Table of Contents

Search

  1. Preface
  2. Introduction to MDM Hub Security
  3. Resources
  4. Roles
  5. Users and User Groups
  6. Security Providers
  7. Application Level Security
  8. Certificate-Based Authentication
  9. Password Hashing
  10. Glossary

Setting Up a WebLogic T3S Channel on Linux

Setting Up a WebLogic T3S Channel on Linux

The WebLogic T3S is a SSL based protocol, which you can set up for the MDM Hub.
The following steps assume that you are familiar with how to create and use a keystore, configure a server instance for SSL, and create a channel. For more information, see the WebLogic documentation.
  1. Before you begin, you must have a keystore that you want to use for identity purposes.
  2. In the WebLogic Administration Console, navigate to the server instance that you use with MDM and configure SSL with the following properties:
    • Identity and Trust Location
      =
      Keystore
    • Private Key Location
      =
      from Custom Identity Keystore
    • Private Key Alias
      = <Alias defined in the keystore>
    • Private Key Passphrase
      = <Passphrase defined in the keystore>
    • Certificate Location
      =
      from Custom Identity Keystore
    • Trusted Certificate Authorities
      =
      from Java Standard Trust Keystore
  3. Open an Administrator Command Prompt (cmd) window and use the
    keytool
    command to import the keystore into the JDK and JRE directories under
    lib/security/cacerts
    .
    The following sample code shows the syntax:
    keytool -import -alias <SSL Private Key Alias> -keystore "<JDK installation directory>/jre/lib/security/cacerts" -file "/data/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/servers/<WebLogic server instance>/keystores/wls12c_server.cer" -v keytool -import -alias <SSL Private Key Alias> -keystore "<JRE installation directory>/lib/security/cacerts" -file "/data/oracle/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/servers/<WebLogic server instance>/keystores/wls12c_server.cer" -v
    If you need help with the
    keytool
    command, see the Java documentation.
  4. Navigate to the
    <WebLogic domain>/bin/startWebLogic.sh
    file and set the following Java option:
    -Doracle.jdbc.J2EE13Compliant=true
  5. In the WebLogic Administration Console, create a T3S channel that matches the SSL configuration. Set the following properties:
    • Name
      = <Name for the channel>
    • Protocol
      = t3s
    • Listen Address
      = <Host name defined in the keystore>
    • Listen Port
      = <Port defined in the keystore>
    • Select
      Tunneling Enabled
    • Select
      Two Way SSL
    • Verify that the
      Server Private Key Alias
      displays the alias that you specified when you configured SSL.
  6. Save the channel, and verify that the channel appears in the list of network channels.
  7. If you use Informatica Data Director with the Entity 360 views, navigate to the
    <WebLogic domain>/bin/setDomainEnv.sh
    file and set the following MDM options:
    • e360.mdm.protocol=t3s
    • e360.mdm.host=<T3S channel Listen Address>
    • e360.mdm.port=<T3S channel Listen Port>
  8. Restart WebLogic.
  9. Test that the channel is working by pinging it.
    java weblogic.Admin -url t3s://<T3S Channel Listen Address>:<T3S Channel Listen Port> -username <WebLogic username> -password <WebLogic password> PING
  10. You can now launch the Hub Console by using HTTPS and the secure port.
    https://<T3S Channel Listen Address>:<T3S Channel Listen Port>/cmx/

0 COMMENTS

We’d like to hear from you!