This is for windows but it shouldn’t be difficult to adapt to linux.
Overview:
If your environment is installed on a single server you will only need to follow the steps on that server. If you have a distributed environment you will need to perform the following steps on the Foundation server, as well as the Essbase server.
Steps:
- Acquire the certificate used to encrypt LDAPS traffic from your Active Directory administrator.
- Place the file on the server
- Install the certificate into the “Trusted Root Certification Authorities”
- Install the certificate in three java certificate stores using the following commands:
- You may need to change the store pass if it was changed from the default.
- You may need to change the path to java to fit your environment.
cd /D d:\Oracle\Middleware\jdk160_35\bin keytool -import -noprompt -trustcacerts -alias ldapsMSAD -file "Your Cert Path" -keystore D:\Oracle\Middleware\jrockit_160_37\jre\lib\security\cacerts -storepass changeit
cd /D d:\Oracle\Middleware\jdk160_35\bin keytool -import -noprompt -trustcacerts -alias ldapsMSAD -file "Your Cert Path" -keystore D:\Oracle\Middleware\jdk160_35\jre\lib\security\cacerts -storepass changeit
cd /D d:\Oracle\Middleware\jdk160_35\bin keytool -import -noprompt -trustcacerts -alias ldapsMSAD -file "Your Cert Path" -keystore D:\Oracle\Middleware\jdk160_35\jre\lib\security -storepass changeit
5. In workspace change your current directory or create a new one:
6. Check the SSL Enabled box, and change the port to what your AD Admin gave you
7. Restart services on all servers
