Creating and Exchanging CA Signed Certificate at Client and Server Side
This section describes the high-level procedure to be performed to achieve two-way authentication and encryption between Oracle database and the
Windchill host. The
Creating and Exchanging Self-signed Certificate at Client and Server Side help topic provides the detailed steps that you can use to achieve two-way SSL through self-signed certificates. If the requirement is to configure JDBC over SSL with CA signed certificates, below listed configurations are required.
1. Identify the certificate store for Windchill and Oracle host.
2. Based on your security requirement and available PKI infrastructure, create certificate signing request (CSR) based on common name, host details, validity, key size and other parameters.
3. Get the CSR signed by a CA signing authority which can be either a third party vendor or local root CA.
4. Import and exchange the CA signed certificates using related PKI based commands such as ORAPKI for Oracle database.
For more information, refer the following articles from Oracle documentation:
For any issues related to security certificate handshake failure, contact the respective vendor.