ENABLE HTTPS ON ORACLE M SERIES SERVERS(XSCF)

Share

If you have not enabled https on your M series servers, this is how you enable it.

 

Description From Oracle :
Hypertext Transfer Protocol (HTTP) over an authenticated/encrypted connection allows you to use the XSCF web browser securely. This is called the HTTPS service. Authentication is provided with a certificate authority and private keys. To use the HTTPS service, you must enable it, and provide an optional port number. The default port is 443. To enable HTTPS service, use the sethttps command”


1) Login to your xscf of the server through ssh
Assuming you have already configured network on xscf and enable ssh. If not, you can login through console/console server, configure network interface on xscf and then you can proceed with further steps.


2) Once you are in xscf, check the status of https
XSCF> showhttps
HTTPS status: disabled
 


3) Generate a self signed certificate.
XSCF> sethttps -c selfsign US California Irvine mycompany [email protected]
CA key and CA cert already exist. Do you still wish to update? [y|n] :y
Enter passphrase:
Verifying – Enter passphrase:


4) Check the HTTPS Status
XSCF> showhttps
HTTPS status: disabled
Server key: installed in Jul 16 12:46:20 MST 2013
CA key: installed in Jul 16 12:46:18 MST 2013
CA cert: installed in Jul 16 12:46:18 MST 2013
CSR:
—–BEGIN CERTIFICATE REQUEST—–
MIIB0zCCATwCAQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MQ8wDQYDVQQHEwZDdWx2ZXIxDTALBgNVBAoTBENpdHkxDDAKBgNVBAsTA1NQRTER
MA8GA1UEAxMIRUlTLVVOSVgxLTArBgkqhkiG9w0BCQEWHmVpcy11bml4LXNlcnZp
Y2VzQHNwZS5zb255LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA54QN
BSBfflQBtIgL3LqRKTqHixMP/TTmeMANy8yz723hcLDBTT9EarKkDb2IVqHE
ENb5mp8N7hJpGDzUPhn3XdD0+XoP2iaFeqQtihMqCob/bC21Me6gQDIdZoRK4sRj
FJ0ODjdB9sDj4KFKUkE4TIh3Jimz8wHn4VXbqGECAwEAAaAAMA0GCSqGSIb3DQEB
BAUAA4GBALMsMV5NugRnZwJfGiQbB6KNILMbCHg8xrF9IarFopt7uLDOxUoKvjQb
NDoGF+/tjxrADEZqSAmWeqiVZyI/0e2lU58si4TFZwEtjv6wopJVRkyg9XLfNe7
FB5DkBOI2Rihn6+SP0C3c/OOWNKo5BKekbeXennuWMJJbHDvRW6U
—–END CERTIFICATE REQUEST—–
It will be still disabled, we haven’t enabled the https yet.


5) Now we shall enable https:
XSCF> sethttps -c enable
Continue? [y|n] :y
Please reset the XSCF by rebootxscf to apply the https settings.


6) Reset XSCF
XSCF> rebootxscf
The XSCF will be reset. Continue? [y|n] :y
execute S10ioxoffXSCF>   —  complete
Jul 16 12:48:35 myhost XSCF[104]: XSCF shutdown sequence start
execute K000end  —  complete
execute K100end  —  complete
execute K101end  —  complete
<Lines Omitted>


7) Once the XSCF is up check the https status, now it will be enabled.
XSCF> showhttps
HTTPS status: enabled
Server key: installed in Jul 16 12:52:04 MST 2013
CA key: installed in Jul 16 12:52:04 MST 2013
CA cert: installed in Jul 16 12:52:04 MST 2013
CSR:
—–BEGIN CERTIFICATE REQUEST—–
MIIB0zCCATwCAQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MQ8wDQYDVQQHEwZDdWx2ZXIxDTALBgNVBAoTBENpdHkxDDAKBgNVBAsTA1NQRTER
MA8GA1UEAxMIRUlTLVVOSVgxLTArBgkqhkiG9w0BCQEWHmVpcy11bml4LXNlcnZp
Y2VzQHNwZS5zb255LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA54QN
BSBfflQBtIgL3LqRKTqHixMP/TTmeMANy8yz723hcLDBTT9EarKkDb2IVqHE
ENb5mp8N7hJpGDzUPhn3XdD0+XoP2iaFeqQtihMqCob/bC21Me6gQDIdZoRK4sRj
FJ0ODjdB9sDj4KFKUkE4TIh3Jimz8wHn4VXbqGECAwEAAaAAMA0GCSqGSIb3DQEB
BAUAA4GBALMsMV5NugRnZwJfGiQbB6KNILMbCHg8xrF9IarFopt7uLDOxUoKvjQb
NDoGF+/tjxrADEZqSAmWeqiVZyI/0e2lU58si4TFZwEtjv6wopJVRkyg9XLfNe7
FB5DkBOI2Rihn6+SP0C3c/OOWNKo5BKekbeXennuWMJJbHDvRW6U
—–END CERTIFICATE REQUEST—–


8) Login to XSCF from your web browser and confirm everything is operational.
https://<your_xscf_hostname_or_ip>


REFERENCES :
Share

Comments

comments

Tags: , , , , , , , , , ,

Leave a Reply