Oracle B32100-01 Benutzerhandbuch
Install Fragment: OCA Screens
Installing OracleAS Infrastructure
4-27
4.30 Install Fragment: OCA Screens
If you select Oracle Application Server Certificate Authority (OCA) in the Select
Configuration Options screen when you are installing an OracleAS Infrastructure, the
installer displays the screens listed in
Configuration Options screen when you are installing an OracleAS Infrastructure, the
installer displays the screens listed in
Note that you cannot install more than one OCA against the same OracleAS Metadata
Repository. When you are installing Oracle Identity Management components only
against an existing OracleAS Metadata Repository, be sure that the metadata
repository does not already have an instance of OCA configured against it.
Repository. When you are installing Oracle Identity Management components only
against an existing OracleAS Metadata Repository, be sure that the metadata
repository does not already have an instance of OCA configured against it.
Example: You install OracleAS Metadata Repository and Oracle Identity Management
components including OCA on a computer. Then if you try to install additional Oracle
Identity Management components (including OCA) on the same or different computer
against the same OracleAS Metadata Repository, this installation would fail.
components including OCA on a computer. Then if you try to install additional Oracle
Identity Management components (including OCA) on the same or different computer
against the same OracleAS Metadata Repository, this installation would fail.
Table 4–15
OCA Screens
Screen
Action
1.
Select OracleAS Metadata
Repository
Repository
This screen appears only if you are configuring OCA and you are using an existing
Oracle Internet Directory and you are using an existing OracleAS Metadata
Repository. The Oracle Internet Directory must contain the registration for the
OracleAS Metadata Repository that you want to use.
Oracle Internet Directory and you are using an existing OracleAS Metadata
Repository. The Oracle Internet Directory must contain the registration for the
OracleAS Metadata Repository that you want to use.
Select the OracleAS Metadata Repository that you want OCA to use.
Click Next.
2.
Specify OCA
Distinguished Name
Distinguished Name
OCA uses the DN specified on this screen to populate the Issuer field of certificates
that it issues.
that it issues.
Typical DN
: Use this section if your DN uses only the attributes listed in this
section. You do not have to fill in all the attributes specified in this section. Only
the o (organization) attribute is required. Note that the ’ (single quote) character is
not a valid character in any of the attributes.
the o (organization) attribute is required. Note that the ’ (single quote) character is
not a valid character in any of the attributes.
■
Common Name (CN)
: Enter the name that you want on the certificate. This
name must be different from your hostname. Example: John Doe.
■
Organizational Unit (OU)
: Enter the name of your division or department.
Example: Sales.
■
Organization (O)*
: Enter the name of your company or organization.
Example: Oracle Corporation.
■
Country (C)
: Select your country from the drop-down list.
Custom DN
: If your DN uses attributes not listed in the Typical DN section,
specify your DN in this section.
Click Next.
3.
Select OCA Key Length
Key Length (bits)
: Select the key length used in RSA algorithm to sign all
certificates issued by OCA. Oracle recommends that you use at least a 2048-bit key
length. Longer key lengths provide greater security, but require more time to issue
each new certificate.
length. Longer key lengths provide greater security, but require more time to issue
each new certificate.
Click Next.