Roadmap for Configuring SSL
The following table provides a high-level roadmap for configuring SSL on Integration Server.
Task | Activities | Notes |
Create Integration Server keys and certificates | ![*](bullet.gif) Generate a public key/private key pair. ![*](bullet.gif) Generate a certificate signing request (CSR) and send to the certificate authority (CA) for signing. ![*](bullet.gif) Receive validated certificate from the CA. ![*](bullet.gif) Import signed certificate into a keystore. | Required for one-way and two-way SSL connections. Refer to the documentation for Java keytool or your certificate management tool. |
Create keystore and truststore for Integration Server | ![*](bullet.gif) Create a keystore and import the signed certificate and private key. ![*](bullet.gif) Create a truststore and import the certificate of the signing CA. ![*](bullet.gif) Store the keystore and truststore in a secure IS certificates directory. ![*](bullet.gif) Create aliases for the keystore and truststore. Important: | If you use Oracle keytool to create the keystore, you cannot import an existing private key. You can use other tools such as OpenSSL or Portecle. |
| Required for one-way and two-way SSL connections. Refer to the following: ![*](bullet.gif) The documentation for your certificate management tool |
Obtain certificates of partner application or resource - and - Create certificate mapping | Use the Integration Server Administrator to save the following: ![*](bullet.gif) Signed certificate of the partner application. ![*](bullet.gif) Signed certificate of the CA for the partner's SSL certificate. | Required for two-way SSL connections. Refer to the following: |
Add an HTTPS or FTPS port (if none are defined) | If you want to allow only secure connections to the server: ![*](bullet.gif) Ensure that the primary port uses an HTTPS port. ![*](bullet.gif) Delete all other non-HTTPS ports. Add additional HTTPS or FTPS ports as required. | Required for one-way and two-way SSL connections. |