We want to secure Oracle SGD with aim to be able accessible thru https port only and use testing cert. This process is based on SGD 4.50 and 4.60 as we have tested. This step is to enable secure connection from client to SGD Web Server and SGD Server components.
After installation process completed and SGD started properly, we can start to configure SGD to:
- Enabling and Start Security in SGD Web Server
- /opt/tarantella/bin/tarantella security enable
- /opt/tarantella/bin/tarantella security start
- Apply Security connections
- Edit httpd.conf replace from Listen 443 to Listen 127.0.0.1:443
- /opt/tarantella/bin/tarantella config edit –security-applyconnections 1
- /opt/tarantella/bin/tarantella config edit –array-port-encrypted 443
- /opt/tarantella/bin/tarantella config edit –array –security-firewallurl https://127.0.0.1:443
- /opt/tarantella/bin/tarantella restart webserver -https
- Create secure mapping from Client to SGD Server Edit Profile
- Login to administration console
- Choose User Profiles of the user that you want to configure (can be done thru System Objects)
- Choose Security
- Click Add, than map pattern Client Address and SGD, than choose connection type Secure, example:
Client Device Address | Secure Global Desktop Server Address | Connection Type | |
---|---|---|---|
Connections Defined Directly | |||
* | sgd.server.com | Secure |
Filed under: Solaris | Tagged: Certificate, oracle, secure, Security, SGD, solaris | Leave a comment »