X

The Integration blog covers the latest in product updates, best practices, customer stories, and more.

  • January 23, 2020

One Stop Solution for OIC Certificate Management

Shubham Agrawal
Senior Member of Technical Staff

Oracle Integration Certificate Management empowers admins to manage all their certificates and PGP keys at one place. The PGP Keys are used in Stage File for encryption and decryption.

Prerequisite

Enable following feature:

  • oic.suite.settings.certificate  (Suite level certificate landing page)

To enable feature flags - Refer to Blog on Enabling Feature Flags in Oracle Integration

The minimum Oracle Integration version required for the feature is 190924.1600.31522

Simplified and Progressive User Experience : 

  • OIC provides the user with an easy tool for managing life cycle of certificate, through the Certificates page under Settings menu. 

  •   Sorting and Filters capabilities:
    • Sort by: It allows sorting by Expiry date in ascending or descending order:
      • Expiring Soon
      • Expiring Later
    • It also allows filter by: Status, Type, Category, and Installed by.
    • By default table is loaded with Installed by User filter.

      

 

  • Progressive UI in the Certificates page.

 

  • Certificate details with better grouping of information.

Key Functionalities : 

All functionalities on the page are displayed in a list view page along with seamless interaction with drawer.

Type of Certificates:

  • X509 (TLS)  – An SSL/TLS X.509 certificate is a digital file that's usable for Secure Sockets Layer (SSL) or Transport Layer Security (TLS). The certificate can assist with authenticating and verifying the identity of a host or site thus enables Oracle Integration to connect with external service.
    • Identity (Ex. .jks) - An identity certificate is a keystore which can contain various certificates with passwords.
    • Trust  (Ex. .crt or .cert)
  • SAML - SAML refers to the XML variant language used to encode information.
    • Its a Message Protection certificate which has SAML token support.
  • PGP - Pretty Good Privacy (PGP) is used for signing, encrypting, and decrypting texts.
    • Private - Content can be decrypted with private PGP key.
    • Public - Content can be encrypted with public PGP key. 

Certificates Upload:

      Step by Step Guide: 

  • Click on the upload on top-right corner.
  • A drawer opens up with the details to fill up.
  • Enter alias name which identifies the certificate.
  • Give a brief description (optional) about the certificate you are uploading.
  • Select the type of Certificate you want to upload. You can choose from the list: X.509, SAML, and PGP.
  • Choose the category of certificate. For a X.509 → Trust, Identity, SAML → Message Protection, and PGP → Public, Private.
  • Choose a file from your local system to upload , please note: can be left blank in case of PGP which will be create as a draft certificate.

Upload Certificate




 

Certificate Table:

  • Name : Alias name provided for the certificate. In case of Identity certificate it is the key name.
  • Type: Type of the certificate uploaded (X.509, SAML, PGP).
  • Category: Uploaded certificate category (Trust, Identity, Message Protection, Public, Private).
  • Status: Status of the certificate. It could be either Draft or Configured.
  • Certificate Expiry Tag: Display the time in which the certificate will expire. For Expired certificate it highlights in red.
     

      

 

Join the discussion

Comments ( 1 )
  • Juan Sáenz de Jubera Thursday, February 20, 2020
    We had problems when our customers updated the certificate of their backends (used by processes).

    We had to use Oracle support to make the changes effective once they updated certs via OIC management, creating a Service Request, so our customers were disappointed (because it seemed that they could manage certificates seamlessly but Oracle support was needed after all).

    Is it now possible to update certificates without Oracle staff interaction?

    Thanks!
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.