Upload an SSL Certificate
Certificates are used to validate outbound SSL connections. If you make an SSL connection in which the root certificate does not exist in Oracle Integration, an exception is thrown. In that case, you must upload the appropriate certificate. A certificate enables Oracle Integration to connect with external services. If the external endpoint requires a specific certificate, request the certificate and then upload it into Oracle Integration.
To upload an SSL certificate:
- In the left navigation pane, click Home >
Settings > Certificates.
All certificates currently uploaded to the trust store are displayed in the Certificates dialog. The link enables you to filter by name, certificate expiration date, status, type, category, and installation method (user-installed or system-installed). Certificates installed by the system cannot be deleted.
- Click Upload at the top of the page.
The Upload Certificate dialog box is displayed.
- Enter an alias name and optional description.
- In the Type field, select the certificate
type. Each certificate type enables Oracle Integration to connect with external services.
- X.509 (SSL transport)
- SAML (Authentication & Authorization)
- PGP (Encryption & Decryption)
X.509 (SSL transport)
- Select a certificate category.
- Trust: Use this option to upload a
trust certificate.
- Click Browse, then select the trust file
(for example,
.cer
or.crt
) to upload.
- Click Browse, then select the trust file
(for example,
- Identity: Use this option to upload a certificate
for two-way SSL communication.
- Click Browse, then select the keystore
file (
.jks
) to upload. - Enter the comma-separated list of passwords
corresponding to key aliases.
Note
When an identity certificate file (JKS) contains more than one private key, all the private keys must have the same password. If the private keys are protected with different passwords, the private keys cannot be extracted from the keystore. - Enter the password of the keystore being imported.
- Click Browse, then select the keystore
file (
- Click Upload.
- Trust: Use this option to upload a
trust certificate.
SAML (Authentication & Authorization)
- Note that Message Protection is automatically selected as the only available certificate category and cannot be deselected. Use this option to upload a keystore certificate with SAML token support. Create, read, update, and delete (CRUD) operations are supported with this type of certificate.
- Click Browse, then select the certificate file
(
.cer
or.crt
) to upload. - Click Upload.
PGP (Encryption & Decryption)
- Select a certificate category. Pretty Good Privacy (PGP) provides
cryptographic privacy and authentication for communication. PGP is used for
signing, encrypting, and decrypting files. You can select the private key to use
for encryption or decryption when configuring the stage file action.
- Private: Uses a private key of the
target location to decrypt the file.
- Click Browse, then select the PGP file to upload.
- Enter the PGP private key password.
- Public: Uses a public key of the
target location to encrypt the file.
- Click Browse, then select the PGP file to upload.
- In the ASCII-Armor Encryption Format field, select Yes or No. Yes shows the format of the encrypted message in ASCII armor. ASCII armor is a binary-to-textual encoding converter. ASCII armor formats encrypted messaging in ASCII. This enables messages to be sent in a standard messaging format. This selection impacts the visibility of message content. No causes the message to be sent in binary format.
- From the Cipher Algorithm list, select the algorithm to use. Symmetric-key algorithms for cryptography use the same cryptographic keys for both encryption of plain text and decryption of cipher text.
- Click Upload.
- Private: Uses a private key of the
target location to decrypt the file.