One thing that bugs me is browser security. When I access Oracle Enterprise Manager 12c (OEM12c) through a browser and get the certificate error (Image 1), it just pushes my buttons. Why not ship a valid certificate with OEM12c? In reality, the problem is not with OEM12c; it is actually with the browser you choose to use. In my case, I use Google Chrome a lot with OEM12c. So how can I get rid of this security certificate warning?
To get rid of this warning message, the security certificate needs to be installed in the browser. Where can I get the security certificate?
Within Google Chrome, if I right click on the lock (Image 2).
I’m presented with a menu (Image 3). From this menu, I can see that the connection has not been verified.
If I click on the “Certificate Information” link, I’m taken to an information dialog about the certificate (Image 4). The information provided, clearly states that the certificate could not be verified to a trusted certification authority.
Obviously, I need to add the certificate as a trusted authority. In order to do this, I need to first save the certificate to my hard drive. This is done from the Details tab (Image 5), you will see a Copy to File option.
When clicking on the Copy to File option, it takes me to the Certificate Export wizards (Image 6). Using this wizard, I need to export the certificate to my desktop.
I typically export the certificate in a X.509 format (Base –64) (Image 7).
Lastly, I save the certificate to my desktop (Image 8):
Finally, close the certificate wizard (Image 9).
Now that I have the certificate saved to my desktop, I can import the certificate into the browser as a trusted authority. In order to do this Google Chrome, I need to go to the Settings page in Chrome (Image 10).
Once on the Settings page, I open the Show Advanced Settings (Image 11) and look for HTTPS/SSL (Image 12) to manage certificates.
Clicking the Manage Certificates button will open the Certificates dialog (Image 13). I then need to go to the Trusted Root Certification Authorities tab. On this table I see an import button that I can use to import the certificate I saved to my desktop.
Using the import wizard (not pictured), I can import the certificate as a trusted certificate. As part of the import, I receive a Security Warning, clicking Yes will install the certificate (Image 14).
Now that the certificate is installed, the next time I attempt to access fred.acme.com to work with OEM12c, I go directly to the login page (Image 15).
If you want to know how to install the certificate for Internet Explorer or Firefox, the steps can be found here.