Solution ID : SO2615
Please note that you should be using at least version 4.0.8 of Oracle Application Server (OAS) .
Version 4.0.7.x does not accept our certificates, despite that fact that the Linux version of OAS 22.214.171.124 experienced no problems when we tested it.
To generate a CSR on an Oracle Web Server, perform the following steps:
Note: A key length of 1024 bit is the default, but Thawte requires a minimum 2048 bit key.
In this first step you generate a request for Thawte to issue a certificate. It involves generating a public/private key-pair and identifying the server, the organization using it, and its webmaster. The private key is encrypted and should never leave your server, except for backup purposes.
The public key will become part of the certificate and is therefore sent to Thawte, together with the rest of the information identifying your organization and your server.
To generate a certificate request, you will run the interactive utility genreq and enter the information for which it prompts you.
When the prompt specifies a default value, you can just press return to enter that value, or enter a different value if you prefer.
For an example of how to use genreq, see the following sample genreq session.
Note: Before you start, create a directory to store all SSL related files in, for example $ORACLE_HOME/ows2/ssl. To avoid typing long path names or moving files later, you can start genreq from this directory.
To run genreq, do the following:
Certificate Signing Request content
The next steps will tell genreq where it should write certain files. If you've created an ssl directory and have started genreq from this directory, you can accept the defaults. Otherwise, you may want to include full pathnames, or plan to move the files that genreq created later.
Common Name - The fully qualified host name of your organization's Internet point of presence as defined by the Domain Name Service (DNS).
Organizational Unit - The name of the group, division, or other unit of your organization responsible for your Internet presence, or an informal or shortened name for your organization.
Example: Oracle Government
Organization - The official, legal name of your company or organization. Most CAs require you to verify this name by providing official documents, such as a business license.
Example: Thawte Corporation
Locality - The city, principality, or country where your organization is located.
Example: Mountain View
State or Province - The full name of the state or province where your organization is located. Thawte does not accept abbreviations.
Country - The two-character ISO-format abbreviation for the country where your organization is located. The country code for the
WebMaster's Name - The name of the Web Master responsible for the site. This person will serve as a technical contact.
Example: <leave it empty>
WebMaster's Email Address - The email address where Thawte can contact the Web Master.
Example: <leave it empty>
Server Software Version - The name and version number of the application for which you are getting the certificate (you should accept the default value).
Once you submit the CSR and your documentation and receive your certificate, you can follow these instructions to install the certificate on your server: SO2616