Recently, we needed change the authentication protocol that was used by a BI Publisher enviroment.. The environment was authenticating the users from Active Directory and it was using LDAP. Well, we needed to make it more secure.. That is, we needed to convert it to LDAPs. (Lightweight Directory Access Protocol (Over SSL))
It seems there are 2 ways to do that.. Actually there are 2 ways to configure BI Publisher to use LDAP or LDAPS.
One way is to use BI Publisher's administration page..
We just click Security Configuration under Security Center which is accessible through the Administration page. Then we create a local superuser and we use authorization region to select our security model. ( LDAP in this case)
Change host (if required)
Change port(636) --default LDAPS port
select “SSLEnabled” check box -- we are enabling LDAP over SSL, right..
Go to Summary of Servers-bi_server1-Configuration-Keystore. (bi_server1 is the name of the BI Publisher 's managed server .. Yours might be different)
Check the "Java Standard Trust Keystore" and note the value of it.. (We will use that in your keytool import command later.)
Set the proper environment in the shell;
Example:JAVA_PATH=/obi/wls/Oracle_BI1/jdk/bin/
KEYTOOL_PATH=/obi/wls/Oracle_BI1/jdk/bin/keytool
KEYSTORE_PATH=/obi/wls/Oracle_BI1/jdk/jre/lib/security/cacerts
Import the required certificate for the LDAPS communication.. (The certificate of the LDAP server -- Active Directory usually .. Note that, Customer or AD admin will give that certificate to you..)
/obi/wls/Oracle_BI1/jdk/bin/keytool -import -alias ermanad_2020 -file /tmp/ermanad.cer -trustcacerts -v -keystore /obi/wls/Oracle_BI1/jdk/jre/lib/security/cacerts
Display the imported certificate just in case..
obi/wls/Oracle_BI1/jdk/bin/keytool -list -v -keystore /obi/wls/Oracle_BI1/jdk/jre/lib/security/cacerts -alias ermanad_2020Restart Weblogic Services and that's it ! :)