Re: Updating SSL Cert in 11i?

Steve,

You only need to change the server.crt file. Server.crt and server.key are
really the only files you need to ever change in ur ssl configuration.
ca.crt will be used if u r setting up oracle wallet to provide ssl
connection for a dmz application like irecruitment.

Thanks

Navdeep


On 7/18/07, Zydek, Steven <steven.zydek@xxxxxxxxxxxxx> wrote:


Thanks! This is how it seemed to me. I'm not sure why the consultant
changed it (before I was hired here). Oh well, it seems to work. When I
check the validity of the CA, it says it's valid until 2020, so we should be
good without changing it.

Thanks again!!
+Steve

-----Original Message-----
From: ora-apps-dba-bounce@xxxxxxxxxxxxx [mailto:
ora-apps-dba-bounce@xxxxxxxxxxxxx] On Behalf Of Pedro Espinoza
Sent: Wednesday, July 18, 2007 1:28 PM
To: ora-apps-dba@xxxxxxxxxxxxx
Subject: Re: Updating SSL Cert in 11i?

No, you dont need to update the certificate of certification of
authory, which ca.cert is, unless the thawte revoked its certificate.





On 7/18/07, Zydek, Steven <steven.zydek@xxxxxxxxxxxxx> wrote:
>
>
>
>
> Hello All,
>
>
>
> I'm in the process of updating the SSL cert for 11i (11.5.10.2) for the
> first time. We have our certs signed by Thawte and thus automatically
> generated annually. We just received our new one to carry us through
2008. I
> simply made a copy of our old Apache server.crt, copied the new cert
text
> into server.crt and bounced Apache. It appears that the new cert took
effect
> without any errors and I am able to use forms.
>
>
>
> My question lies in the CA file. Last year, a consultant updated this as
> well. It's not clear to me if I need to touch this file or not? Does
anyone
> have any experience with updating the server.crt file? Do you usually
also
> update the CA.crt? If so, what is the process? I couldn't find a good
> looking note in MetaLink.
>
>
>
> Thanks for all your help in advance!
>
> +Steve

Other related posts: