In this post we shall see how to change security mode for an agent from OPEN to SIMPLE.
1) Login
to /oamconsole with admin user:
Navigate
to System Configuration-->Access Manager-->SSO Agents-->OAM
Agents
Select
Agent name for which you want to change security mode from Open to
Simple and change as below:
It
will generate new artifacts at below mentioned locations:
$DOMAIN_HOME/output/$AGENT_NAME
$
ls -lrth
-rw-------
1 devoam dba 3.1K Dec 8 12:17 cwallet.sso
-rw-r-----
1 devoam dba 2.8K Dec 8 12:17 ObAccessClient.xml
-rw-r-----
1 devoam dba 272 Dec 8 12:17 password.xml
-rw-r-----
1 devoam dba 806 Dec 8 12:17 aaa_cert.pem
-rw-r-----
1 devoam dba 958 Dec 8 12:17 aaa_key.pem
2)
Copy ObAccessClient.xml, password.xml and cwallet.sso to below
mentioned location
$OHS_HOME/instances/$INSTANCE_NAME/config/OHS/ohs1/webgate/config
Copy
aaa_cert.pem and aaa_key.pem to below mentioned location:
$OHS_HOME/instances/$INSTANCE_NAME/config/OHS/ohs1/webgate/config/simple
3) Restart
OHS
$OHS_HOME/instances/$INSTANCE_NAME/bin
$./opmnctl
stopall
$./opmnctl
startall
4)
Test URL ( Protected by that agent)
Note
: In case aaa_key.pem and aaa_cert.pem are not copied properly ,
then below error will be observed while accessing any resource.
ERROR:
[2015-12-08T12:44:57.2391+03:00]
[OHS] [ERROR:32] [OHS-9999] [core.c] [client_id: 127.0.0.1] [host_id: localhost] [host_addr: HOSTNAME] [tid: 29] [user: devoam] [ecid:
0004pZYc0vjCwkG6yzfd6G0003UW000006] [rid: 0] [VirtualHost: main]
OBWebGate_AuthnAndAuthz: Oracle AccessGate API is not initialized.
[2015-12-08T12:44:57.2401+03:00]
[OHS] [ERROR:32] [OHS-9999] [core.c] [client_id: 127.0.0.1] [host_id:localhost] [host_addr: HOSTNAME] [tid: 29] [user: devoam] [ecid:
0004pZYc0vjCwkG6yzfd6G0003UW000006] [rid: 0] [VirtualHost: main]
Request Failed for : /index.html, Resp Code : [500]
Doc
id: Setting the OAM Agent’s Communication Mode with the OAM Server
Set to Simple, returns HTTP-500 Error (Doc ID 1378237.1)
No comments:
Post a Comment