Yeah, I'm sure that works for customers who have requirements to apply the
latest CPU patches for Oracle products as part of the their Security
requirements enforced by the CISO organization.
As a an IT guy, I understand your point - I get it. As part of a corporate
organization, selling the fact that we didn't apply the latest Security
CPUs because of any reason doesn't really work (even if we have the box
locked down). I assume you recognize that as a problem.
Regards,
Chris
On Mon, Nov 16, 2015 at 1:43 AM, Tim Hall <tim@xxxxxxxxxxxxxxx> wrote:
Dude! It's a black box. Block off comms to the server using the OS
firewall, so the only way to get to it is SSH and the relevant ports. All
internal comms within EM can be left alone. You are just making work for
yourself.
The agent comms should be secured, but that happens anyway...
Cheers
Tim...
On Mon, Nov 16, 2015 at 4:01 AM, Chris Taylor <
christopherdtaylor1994@xxxxxxxxx> wrote:
Can you reach the Fusion Middleware Overview inside EM 12c (12.1.0.5) or
not? If so, I can't find it but apparently I need to be able to at some
point? Securing EM 12c is going to get the better of me yet. (note that
in the 12c Recommended Patches it specifically says to update the JDK which
breaks a god awful amount of stuff in the communications.
Background:
1. Installed EM12c (12.1.0.5)
--Everything seems to be working fine
2. Proceed to Applying Enterprise Manager 12c Recommended Patches (Doc ID
1664074.1) and Enterprise Manager 12.1.0.5.0 (PS4) Master Bundle Patch List
(Doc ID 2038446.1)
3. Proceed to break the EM12 installation. Seems to be related to CERTS
and/or WALLETS and/or KEYSTORES.
So, I was trying to figure out how to create the wallets/certs/keystores
so that all the components can successfully talk to each other following
these notes:
a.) OHS 11g Mod_wl_ohs via SSL to WebLogic Server Fails - WLLogFile
Shows " [READ_ERROR_FROM_SERVER] (socket read failure) "
(which points to)
b.) Configuring Mod_wl_ohs to Use SSL between Oracle HTTP Server and
Weblogic Server in FMW 11g (11.1.1.X) (Doc ID 1268723.1)
(which points to)
c.) Configuring Oracle HTTP Server to Use SSL in Fusion Middleware 11g
(11.1.1.X) (Doc ID 1226933.1)
(which points to)
d.)
Master Note for SSL Configuration in Fusion Middleware 11g (Doc ID
1218695.1)
