Configuration workflow mailer on R12 (Mailer server working in SSL and Application running without SSL)
Steps:
----------------------
In order to Configure Workflow Java Mailer with IMAP and SMTP email servers SSL enabled, need to perform the below steps
1. Export the Certificate from the Email server.
2. Create a keystore on the Concurrent Manager Tire. Import the certificate to keystore
3. Configure the Mailer to work with IMAPSSL / SMTPSSL.
4. Steps for Debugging the Mailer.
5. R12.1.3 feature - Mailer Authentication
Protocol: SMTP/SSL Port : 465
Protocol: IMAP/SSL Port : 993
----------------------
In order to Configure Workflow Java Mailer with IMAP and SMTP email servers SSL enabled, need to perform the below steps
1. Export the Certificate from the Email server.
2. Create a keystore on the Concurrent Manager Tire. Import the certificate to keystore
3. Configure the Mailer to work with IMAPSSL / SMTPSSL.
4. Steps for Debugging the Mailer.
5. R12.1.3 feature - Mailer Authentication
Protocol: SMTP/SSL Port : 465
Protocol: IMAP/SSL Port : 993
1. Export the Certificate from the Email server.
In order to be able to establish a Secure communication channel, the certificate from the Email Server (issued by a Certification Authority) needs to be imported on the Concurrent Manager Tire.
The email server certificate issued by a trusted Certification Authority (i.e. Verisign), can be obtain from the System Administrator or downloaded by following the below steps
In order to be able to establish a Secure communication channel, the certificate from the Email Server (issued by a Certification Authority) needs to be imported on the Concurrent Manager Tire.
The email server certificate issued by a trusted Certification Authority (i.e. Verisign), can be obtain from the System Administrator or downloaded by following the below steps
A. Access your main web page https://<host.domain:port>.
B. Double-click on the padlock at the bottom of the page to view the Certificates.
If there is no padlock, then on the top toolbar:
select File->Properties->Certificates
C. Select the Certification Path tab and:
a) click on the first line and then View Certificate. - This will be the certificate for the root Certifying Authority (CA).
b) On Details tab click Copy to File, this will start the export wizard.
c) Click Next to continue.
d) Select Base-64 encoded X.509 (.CER) and click next.
e) Enter ca1 as the name and click ok to export the certificate.
f) Repeat steps a thru e for each line on the Certification Path tab incrementing the file name each time by 1, i.e. ca2, ca3.
Alternative you may created and use Self-signed Certificates for securing the communication
Please use the steps from : Quick Testcase Steps for Configuring Workflow Java Mailer and IMAP with SSL (Doc ID 1265949.1)
B. Double-click on the padlock at the bottom of the page to view the Certificates.
If there is no padlock, then on the top toolbar:
select File->Properties->Certificates
C. Select the Certification Path tab and:
a) click on the first line and then View Certificate. - This will be the certificate for the root Certifying Authority (CA).
b) On Details tab click Copy to File, this will start the export wizard.
c) Click Next to continue.
d) Select Base-64 encoded X.509 (.CER) and click next.
e) Enter ca1 as the name and click ok to export the certificate.
f) Repeat steps a thru e for each line on the Certification Path tab incrementing the file name each time by 1, i.e. ca2, ca3.
Alternative you may created and use Self-signed Certificates for securing the communication
Please use the steps from : Quick Testcase Steps for Configuring Workflow Java Mailer and IMAP with SSL (Doc ID 1265949.1)
2. Create a keystore on the Concurrent Manager Tire. Import the certificate to keystore
a. Create a keystore that holds the certificate, use the default location (i.e. /home/applmgr)
keytool -genkey -alias -keystore -storetype JKS
b. Upload the Certificate to the Concurrent Manager tire using a ftp tool then import the certificate into the created keystore:
keytool -import -alias my_cert -file server.cer -keystore .keystore -storepass workflow
c.Verify the cetificate
keytool -list -keystore .keystore
d. Set MAILER_SSL_TRUSTSTORE (i.e. /home/applmgr/.keystore )
From sqlplus:
$FND_TOP/sql/afsvcpup.sql
$ cd $FND_TOP/sql
$ cd $FND_TOP/sql
Ex: $ sqlplus apps/apps @afsvcpup.sql
Commands are specific for the Java version Installed on the CCM tire (in this ex. 1.6.x)
3. Configure the Mailer to work with IMAPSSL / SMTPSSL
Navigation: Log on to OAM >System Administrator > Workflow Manager > Notification Mailer Link
a. Enter Outbound Server Name and validate check-box Outbound SSL Enable
b. Enter Inbound Server name , Username, Password, Reply-to Address and validate check-box Inbound SSL Enable.
------------------------------
This is the outstanding Action plan:
1) Re-enable the IMAP SSL by doing the following:
Changing the Workflow Mailer parameters to:
INBOUND_SSL_ENABLED =Y
PROCESSOR_IN_THREAD_COUNT =1
Steps
========
Log into Apps as SYSADMIN -System Administration - OAM - Workflow - Service components -
Select Workflow Notification Mailer - Edit -Advanced - page 3/8 set the Inbound Thread Count parameter to 1.
On Page 3/8 in the Inbound Email Account section - check the Inbound SSL checkbox
2) When you enable SSL, the notification mailer connects to the IMAP server through port 993 by default. Is this the port that your IMAP
Sever is configured to listen for SSL connections on ? ***check this with the Mail server Administrator ***
If not, You can optionally specify a different port number along with the IMAP server name in the Inbound E-mail Account (IMAP): Server Name parameter.
3) Make sure to copy the
Conc. node: /home/applprod/certificates/.keystore
to the
Web node: /home/applprod/certificates/.keystore
as indicated in your Workflow Mailer parameter setting: MAILER_SSL_TRUSTSTORE=/apps/applmgr/.keystore
4) Restart all the services and test the issue.
1) Re-enable the IMAP SSL by doing the following:
Changing the Workflow Mailer parameters to:
INBOUND_SSL_ENABLED =Y
PROCESSOR_IN_THREAD_COUNT =1
Steps
========
Log into Apps as SYSADMIN -System Administration - OAM - Workflow - Service components -
Select Workflow Notification Mailer - Edit -Advanced - page 3/8 set the Inbound Thread Count parameter to 1.
On Page 3/8 in the Inbound Email Account section - check the Inbound SSL checkbox
2) When you enable SSL, the notification mailer connects to the IMAP server through port 993 by default. Is this the port that your IMAP
Sever is configured to listen for SSL connections on ? ***check this with the Mail server Administrator ***
If not, You can optionally specify a different port number along with the IMAP server name in the Inbound E-mail Account (IMAP): Server Name parameter.
3) Make sure to copy the
Conc. node: /home/applprod/certificates/.keystore
to the
Web node: /home/applprod/certificates/.keystore
as indicated in your Workflow Mailer parameter setting: MAILER_SSL_TRUSTSTORE=/apps/applmgr/.keystore
4) Restart all the services and test the issue.
Comments
Post a Comment