everythingOracle.bizhat.com

  

'Everything you wanted
to know about Oracle'
Training References Syntax Tell A Friend Contact Us

 

 

Application Server

01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

<< Previous

Chapter # 23

Next >>


How to manage Oracle Certificate Authority Policies


In this hands-on, you will learn how to modify the default policy to accept the renewal of an expired certificate until 15 days of expiration.

In your browser, go to OCA administration page by using the following URL:
https://<hostname.domain>:4400/oca/admin

Click on the �Configuration Management� tab:

Click on the �Policy� tab:

In the �Policy Rules� page, select Renewals from the drop-down menu �View Policies for.�

Now, you should see the �Policy� page for Renewal. You may see the default renewal policy if the values were not changed.

Check the �RenewalRequestConstraint� box and click Edit to edit the properties of this policy. If you have been prompted for certificate, select your OCA administrator certificate.

In the �Edit Policy Result: RenewalRequestConstraint� page, edit the values of your policy for the following parameters:
- Days before expiration date
- Days after expiration date
- Duration of renewal (days)

Click in the drop-down menu under any fields, and change the values. Then click on the OK button. You may be prompted to select the OCA administrator certificate.

Once the OCA displays a confirmation message, you have successfully changed your certificate authority policy.

In order your changes get enforce, you should stop and start your OCA server.

You may want to set the OCA server to accept only SSL certificate if the key size is above 1024.

In your browser, go to OCA administration page by using the following URL:
https://<hostname.domain>:4400/oca/admin

Click on the �Configuration Management� tab:

Click on the �Policy� tab:

In the �Policy Rules� page, select Request from the drop-down menu �View Policies for.�

Now, you should see the �Policy Rules� page. Select �RSAKeyConstrints� under Policy name and click the �Edit� icon. You may be prompted to select OCA administrator certificate. Go to the �Predicate Details� section, and the click �Add Another Row� to add another predicate value. Enter value (Usage==�ssl�) into the �Predicate Expression� field. Enter value for the Maximum key size default (bits) and Minimum Key size default (bits) fields.

On the �Predicate Details� section, click on the �Reorder� icon to move the Usage==�ssl� predicate above Type==�client� and then click on the �OK� icon.

In order your changes get enforce, you should stop and start your OCA server.
     Reviews and Templates for FrontPage
     

Copyright � everythingOracle.bizhat.com 2006 All Rights Reserved.