This time I am going to post a solution towards one of the nagging annoyances with Oracle application R12 (12.0.6 in our specific case) & JRE securities those were implemented by JRE 7 (1.7.x)
Our instance was upgraded to use JRE 6 almost 5 years back during 12.0.4 to 12.0.6 upgrade and ever since there were dozens of JRE updates & the current JRE 1.8.0_161 (AS on 19th January 2018) & with each update, whatever the runtime parameters we add specifically for Oracle Application used to get removed, forcing us to renter it for each user.
I’ve been searching for a proper solution, not only towards the runtime parameter fix, for the security prompts those started annoying our end users whenever they tried to launch the forms, once after we forcefully updated many users who were sticking to 1.6 JRE
So after referring many documents, using some of the past experiences dealing with security certificates, I believe, have figured out how to get rid of those annoyances, minimum for a while.
Runtime parameters being removed after each JRE update
Add a new environment JAVA_TOOL_OPTIONS with a value -Djava.vendor=”Sun Microsystems Inc.”
You may add it under your specific user or system wide, which I usually prefer so that I don’t have to worry about the next user who will be using the same system (for some reasons)
Addressing JAVA security prompts
Trying to open the forms with latest JRE without adding exceptions will produce the following JAVA security error
Now we need to add the application URL with complete port details to the security tab of JRE
Now, we will be presented with the “toughest” situation to resolve, which will be explained later.
Clicking the More Information, JAVA presents more details about the digital certificate issues, stating the publisher of the digital certificate as UNKNOWN, hence this warning appears for the end user each time whenever the user tries to open a Forms based module.
You may require Domain Administrator/Administrator privileges to continue the below fixes
1st we have to retrieve the certificate from Oracle application server. Login as application manager user to LINUX environment (We’re setting up the entire stuffs for R12 application that is running on 64Bit Linux)
download $APPL_TOP/admin/appltop.cer file to local computer (If your implementation team has cloned the instances across, the appltop.cer will remain the same across different servers, so the single certificate integration with the user computer should deal with all different instances of the Oracle application (Test, Development & Production)
Once the certificate is downloaded or copied to the local computer, you need to install it. We’ll install the certificate twice, in two different locations.
Follow the images below for more details
We will install the certificate for the “Local Machine”, so that all users using the same computer will get benefitted
For the 1st instance, We MUST install this certificate to “Trusted Root Certification Authorities” Container.
Once the certificate is imported, We should install the certificate once again, Select “Local System” and follow the prompts. We don’t have to specify the container this time.
Now, trying to open a forms based module will present you another warning
Checking “Do not show this again for apps from the publisher and location above” will suppress this dialog until the certificate remains the same for the application server.
Hope this helps few out there!