Skip to main content

Adventures in F5, OHS and weblogic

http://fusionsecurity.blogspot.com/2011/04/ssl-offloading-and-weblogic-server.html
https://blogs.oracle.com/ateamsoab2b/entry/configuration_notes_for_offloading_of

So I wanted to enable ssl between my F5 and ohs and between ohs and my weblogic.
I needed to do this because we redirect 80 to https on the F5 and I had a couple of external web services deployed. When you deploy the web service and are using https only on the F5 and http pass through to the rest your wsdl url will be secure but you may not be able to easily generate services from the wsdl (because the content of the wsdl will all point to http which we blocked).

IMPORT your certificates into a new wallet - using orapki - http://docs.oracle.com/cd/E11882_01/network.112/e10746/asoappf.htm

So on your F5
  Make sure you point to the ohs on the secure socket port (4443 by default).
  Easiest way to block http is with a https redirect iRule (http://fixmyitsystem.com/2012/11/handy-simple-f5-redirect-irules.html)

OHS

mod_wl_ohs I added on my web service location
  WLProxySSLPassThrough ON
I also pointer to the SSL ports

ssl.conf I added   

  RequestHeader set IS_SSL ssl 
  RequestHeader set WL-Proxy-SSL true
  SSLEngine on 





Weblogic

Set WebLogic Plugin Enabled (see initial link)
Enable SSL (enviroment>servers>yourserver> tick ssl listen port enabled)



*Shortcut for slackers*

Fool ohs into thinking you have a secure connection instead of setting up ssl everwhere (8892 is webcenter http port):


    WebLogicCluster serverName:8892,serverName:8892
    SetHandler weblogic-handler
    WLProxySSLPassThrough ON
    RequestHeader set IS_SSL ssl
    RequestHeader set WL-Proxy-SSL true


Labels:

Comments

Post a Comment

Popular posts from this blog

MANIFEST.MF merge JDeveloper for an executable jar

Goto your project > properties. Then click on deployment in the menu. Edit or add a jar deployment profile. Fill in the details under jar options (select Include manifest and give it a main class name) Also remember that the merge functionality only works with a BLANK line at the end of the merge file. REALLY this caught me. My merge file contents: Class-Path: commons-codec-1.3.jar [...empty line here CRLF...]
1 comment
Read more

JBO-25013: TooManyObjectsException

oracle.jbo.TooManyObjectsException: JBO-25013: Too many objects match the primary key oracle.jbo.Key[Key null ]. Ok so for you it may be trying to insert a duplicate record this should explain your problem (also check trigger they could be the cause.) NOTE: You can also try to create a new duplicate EO if you have a page with two VO's using the same EO. This could sort your problems. For me I needed to add a launch listener on my LOV and clear the cache of my vo. LOV <af:inputListOfValues id="NameId" popupTitle="#{bindings.Name.hints.label}" value="#{bindings.RolName1.inputValue}" label="#{bindings.RolName1.hints.label}" model="#{bindings.RolName1.listOfValuesModel}" required="#{bindings.RolName1.hints.mandatory}" columns="#{bindings.RolName1.hints.displayWidth}" shortDesc="#{bindings.RolName1.hints.tooltip}" launchPopupListener="#{backingBeanScope.backingBean.launchPop...
Post a Comment
Read more

ADF Encountered deferred syntax #{ in template text.

OracleJSP error: oracle.jsp.parse.JspParseException:  Error: Encountered deferred syntax #{ in template text.  If intended as a literal, escape it or set directive  deferredSyntaxAllowedAsLiteral This normally happens when you have some tag lib dependancy problems but this was  not the case for me... My problem: For some reason my model project had web stuff in it(public html etc)  so I had to remove the public html stuff from my project and manually edit the Model.jpr project file and remove the tag lib entries at the bottom o the file. Go figure.    
3 comments
Read more