1. Administering Oracle Analytics Publisher in Oracle Analytics Server
  2. Other Security Topics
  3. Configure Publisher for Secure Socket Layer (SSL) Communication

Configure Publisher for Secure Socket Layer (SSL) Communication

It's recommended that you enable Secure Socket Layer (HTTPS) on the middle tier hosting the Web services because the trusted username/password that's passed can be intercepted.

This also applies to Web services that are used for communication between Publisher and Oracle BI Presentation Services.

Import Certificates for Web Services Protected by SSL

If you make calls to web services that are protected through Secure Sockets Layer (SSL), then you must export the certificate from the web server hosting the web service and import it into the Java keystore on the computer that's running Publisher.

  1. Navigate to the HTTPS site where the WSDL resides.
  2. Download the certificate by following the prompts; the prompts that you see vary depending on your browser type.
  3. Install the Certificate into your keystore using the Java keytool, as follows:
    keytool -import -file <certfile> -alias <certalias> -keystore <keystore file>
  4. Restart the application server.

These steps shouldn't be required if the server certificate is linked to some certificate authority (such as Verisign). But if the Web service server is using a self-generated certificate (for example, in a testing environment), then these steps are required.

Add the Virtualize Property to the Identity Store Configuration

You must add the property "virtualize" to the Identity Store Configuration in Fusion Middleware Control to enable SSL for Publisher.

  1. Log in to Fusion Middleware Control:

    https://<Host>/<SecureAdminPort>/em

  2. Select WebLogic Domain, Security, and then Security Provider Configuration.

  3. Expand the Security Store Provider segment.

  4. Expand the Identity Store Provider segment.

  5. Click Configure.

    1. Click Add (+) to add a new property.

    2. In the Add New Property dialog, enter

      Property Name — virtualize

      Value — true


      Description of ssl_new_prop.jpg follows
      Description of the illustration ssl_new_prop.jpg

  6. On the Identity Store Provide page, click OK.


    Description of ssl_virt.jpg follows
    Description of the illustration ssl_virt.jpg

  7. Confirm that the property is added to the jps-config.xml file:

    1. Open the jps-config.xml file located in

      <DomainHome>/config/fmwconfig/jps-config.xml

    2. Ensure that the file contains the line:

      <property name="virtualize" value="true"/>

Update the JDBC Connection String to the Data Source

For Publisher to connect to Oracle Analytics Server as a data source when SSL is enabled, you must update the default connection string.

Follow the guidelines detailed in Set Up a JDBC Connection to Oracle Analytics Server.

Update the JMS Configuration

You update the Scheduler JMS configuration to use the SSL URL.

  1. On the Publisher Administration page, under System Maintenance, click Scheduler Configuration.

  2. Update the WebLogic JNDI URL to use SSL. For example,


    Description of ssl_jms.jpg follows
    Description of the illustration ssl_jms.jpg

  3. Click Apply.

  4. Select the Scheduler Diagnostics tab.

  5. Verify that the connection passed diagnostics.

Configure the Delivery Manager

If you want to use the default certificates built-in with Publisher, then no further configuration is required.

SSL works with the default certificate if the server uses the certificate signed by a trusted certificate authority such as Verisign.

If the user uses the SSL with a self-signed certificate, then the certificate information must be entered in the Delivery Configuration page, as described in Configure Delivery Options. A self-signed certificate means that the certificate is signed by a non-trusted certificate authority (usually the user).