One-way SSL is required to properly secure the communication between Oracle Analytics Server and Oracle WebLogic Server.

1. From the Oracle WebLogic Server Administration Console home page, click Servers under the Environment heading.
2. In the Servers table, select the name of the server you want to manage.
3. On the General tab in the Configuration tab, select SSL Listen Port Enabled.
4. Use the Administration Tool to update the appropriate connection pool object in the Physical layer to use https:// instead of http://.
5. Update the port number to use the SSL port number, 7002, by default.

You can set up two-way SSL to secure the communication between the Oracle BI Server and Oracle WebLogic Server.

ORACLE_HOME/user_projects/domains/bifoundation_domain/config/fmwconfig/biinstances/coreapplication/ssl

/scratch/user_name/view_storage/user_name_fmw/fmwtools/mw_home/wlserver_10.3/server/lib

1. Optional: (Optional) Create client certificates in the Oracle BI Server, if they don't already exist.
2. Log in to the Oracle WebLogic Server Administration Console and click Servers under the Environment heading, then click the server name.
3. In the Change Center, click Lock & Edit to enable configuration changes.
4. In the General tab, select SSL Listen Port Enabled, record the SSL Listen Port number, and then click Save.
5. Select the SSL tab, then select Advanced.
6. For Two Way Client Cert Behavior, select Client Certs Requested and Enforced, and then click Save.
7. Select the Keystores tab and record the location and file name for the Trust Keystore.
8. Click Activate Changes.
9. On the Oracle BI Server computer, find the CA file for the client certificate verify that the Certificate Authority (CA) for the Oracle BI Server client certificate is trusted by the ADF Oracle WebLogic Server.
10. Copy the cert.pem file to a known location.
11. On the ADF Oracle WebLogic Server computer, open a command window and go to the location of the trust keystore.
12. Copy the client CA file, for example, cacert.pem to the trust keystore location.
13. Use the following command in the JDK keytool utility to import the client CA into the trust keystore for the ADF server, making it a trusted CA:

    keytool -import -file client_CA_file -keystore 
    keystore_file -keystorepass keystore_password
    

    For example:

    /scratch/my_name/view_storage/my_name_fmw/jdk6/bin/keytool -import -file
    ~/Downloads/SSL/cacert.pem -keystore DemoTrust.jks -keystorepass
    DemoTrustKeyStorePassPhrase
    

14. In the Administration Tool, in the Physical layer, open the first ADF connection pool object and select the Miscellaneous tab to update the Physical layer of the Oracle BI repository.
15. Update the URL field to use the https protocol and the SSL port, and then click OK.
16. Repeat the previous two steps for each additional ADF connection pool object.
17. Save the repository and restart the Oracle BI Server.
18. Configure the Oracle BI Server ODBC DSN to use SSL.

    For example, on Windows do the following:

    1. Open the ODBC Data Source Administrator and select the System DSN tab.

    2. Double-click the DSN for the Oracle BI Server.

       The DSN should start with coreapplication_OH.

    3. Select Use SSL.

    4. Click Next, click Next again, and then click Finish.