Oracle MVA

Tales from a Jack of all trades

setting mBean attributes after securing OIM with SSL

with 2 comments

When you setup SSL for Oracle Identity Manager, you have to click through a pretty complicated mBean path. Since I am all about scripting deployments, I created a small WLST script that sets the appropriate mBean attributes for me. Creating this script was easier because of one of Edwin Biemond’s posts.

The specific attributes are:

  • OimFrontEndURL: The URL the end-user uses to access the OIM application, usually a VIP on a http-loadbalancer
  • Rmiurl: The URL the OIM application uses to contact SOA over RMI. This is a comma separated list of SOA servers available to OIM
  • Soapurl: The URL on which the OIM application can invoke services on SOA, usually a VIP on a http-loadbalancer

Please keep in mind that you might have to set up mod_wl_ohs on an http server. Also keep in mind that you have to choose the correct ports, in my case default https for OIM and SOA SOAP (with mod_wl_ohs in place) plus 8002 for t3s for SOA RMI.

Anyway, here’s the script (and yet again: sorry for the fubar layout):



oimBean = ObjectName('oracle.iam:Location=oim_server1,name=Discovery,type=XMLConfig.DiscoveryConfig,XMLConfig=Config,Application=oim,ApplicationVersion=')

soaBean = ObjectName('oracle.iam:Location=oim_server1,name=SOAConfig,type=XMLConfig.SOAConfig,XMLConfig=Config,Application=oim,ApplicationVersion=')




After you have configured SSL correctly, I suggest you also enable the SSL port for OIM. How this can be done I explained here.

P.S. if you would setup OIM on a cluster, you would need to setup these attributes too.

Hope this helps.


Written by Jacco H. Landlust

July 5, 2012 at 9:05 pm

2 Responses

Subscribe to comments with RSS.

  1. Hi jacco

    Thanks for your post, in this post what is https://oim.area51.local, is it a webserver url in from of OIM.

    In case of clustered OIM env with webserver in front of OIM cluster both OimFrontEndURL and Soapurl will be the same i.e http://oimwebproxy/.?



    October 5, 2013 at 3:18 pm

    • oim.area51.local is my oim server (a webserver indeed), in clustered situations this would be a loadbalancer address or HTTP proxy.

      And yes, in case of a clustered setup, OimFrontEndURL and SoapURL would be the same.



      Jacco H. Landlust

      October 7, 2013 at 11:03 am

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: