One thing that bugs me is browser security. When I access Oracle Enterprise Manager 12c (OEM12c) through a browser and get the certificate error (Image 1), it just pushes my buttons. Why not ship a valid certificate with OEM12c? In reality, the problem is not with OEM12c; it is actually with the browser you choose to use. In my case, I use Google Chrome a lot with OEM12c. So how can I get rid of this security certificate warning?
To get rid of this warning message, the security certificate needs to be installed in the browser. Where can I get the security certificate?
Within Google Chrome, if I right click on the lock (Image 2).
I’m presented with a menu (Image 3). From this menu, I can see that the connection has not been verified.
If I click on the “Certificate Information” link, I’m taken to an information dialog about the certificate (Image 4). The information provided, clearly states that the certificate could not be verified to a trusted certification authority.
Obviously, I need to add the certificate as a trusted authority. In order to do this, I need to first save the certificate to my hard drive. This is done from the Details tab (Image 5), you will see a Copy to File option.
When clicking on the Copy to File option, it takes me to the Certificate Export wizards (Image 6). Using this wizard, I need to export the certificate to my desktop.
I typically export the certificate in a X.509 format (Base –64) (Image 7).
Lastly, I save the certificate to my desktop (Image 8):
Finally, close the certificate wizard (Image 9).
Now that I have the certificate saved to my desktop, I can import the certificate into the browser as a trusted authority. In order to do this Google Chrome, I need to go to the Settings page in Chrome (Image 10).
Once on the Settings page, I open the Show Advanced Settings (Image 11) and look for HTTPS/SSL (Image 12) to manage certificates.
Clicking the Manage Certificates button will open the Certificates dialog (Image 13). I then need to go to the Trusted Root Certification Authorities tab. On this table I see an import button that I can use to import the certificate I saved to my desktop.
Using the import wizard (not pictured), I can import the certificate as a trusted certificate. As part of the import, I receive a Security Warning, clicking Yes will install the certificate (Image 14).
Now that the certificate is installed, the next time I attempt to access fred.acme.com to work with OEM12c, I go directly to the login page (Image 15).
If you want to know how to install the certificate for Internet Explorer or Firefox, the steps can be found here.
Current Oracle Certs
I’m Bobby Curtis and I’m just your normal average guy who has been working in the technology field for awhile (started when I was 18 with the US Army). The goal of this blog has changed a bit over the years. Initially, it was a general blog where I wrote thoughts down. Then it changed to focus on the Oracle Database, Oracle Enterprise Manager, and eventually Oracle GoldenGate.
If you want to follow me on a more timely manner, I can be followed on twitter at @dbasolved or on LinkedIn under “Bobby Curtis MBA”.