Yellow bar Issue in R12
Yellow Warning Bar
The Yellow Warning Bar is a warning that your applet is not running in a trusted mode1. Create the digital certificate.
1a.Go to the master web server and set up your environment pointing to the web server’s APPL_TOP.
1b.Enter the following command:
adjkey -initialize
You are prompted for an entity name and an organization name.
adjkey takes the following actions:
- Creates a certificate (.cer file) in the admin directory under your APPL_TOP.
- Imports this certificate into the identitydb.obj file, which is located in the
user’s home directory
- Creates adsign.txt in the admin directory of your APPL_TOP.
This file is used to pass arguments to JRI for signing jar files.
NOTE: If you have multiple web servers in your Release 11i environment, you must copy identitydb.obj and adsign.txt to the appropriate directories on all other web servers.
DO NOT re-run the adjkey command on the other web servers. All Applications Java code should be signed using one digital certificate, unique to your site.Running adjkey multiple times will produce multiple certificates, causing each web server to have JAR files with different signatures.
2. Repackage JInitiator with the new digital certificate.
This step modifies JInitiator so that it recognizes your digital signature as a trusted entity. This must be done each time you create a new digital certificate.
During this step you run the adjbuild.sh script. Please follow the instructions on how to do this in the “Repackage JInitiator with your digital certificate” section of Chapter 6 in Installing Oracle Applications,Release 11i.
NOTE: If you have multiple web servers in your Release 11i environment, you must copy the resulting oajinit.exe
file from the $OA_HTML (%OA_HTML% if on Windows NT) directory to the $OA_HTML (or %OA_HTML%) directory of all your other Release 11i web servers.
3. Regenerate jar files
3a. Run AD Administration on each one of your Release 11i web servers
3b. Select “Maintain Applications Files” from the main menu
3c. Select “Generate product jar files” from the next menu.
This will regenerate and sign all the jar files using your new digital certificate, which your newly repackaged JInitiator client software will recognize.
NOTE: At this point, if your users attempt to connect to the Applications,they will see the yellow warning banner in their Applications windows indicating that the Java security authorization has failed.
This is because none of the clients have yet received the new certificate bundled with JInitiator. Continue to the next step to correct this.
4. Install the new JInitiator on your client PCs.
The oajinit.exe file is the file users will download to install and configure the newly repackaged JInitiator.
Before installing the new JInitiator, the users should deinstall their current JInitiator.
This is a two step process:
- Close all browser sessions and windows.
- Deinstall JInitiator using the Windows Control Panel,Add/Remove Programs applet.
a) Jinitiator needs to be completely removed from the machine using Control
Panel -> Add/Remove programs -> Remove Jinitiator 1.1.7.27 Export
b) Make sure the browser is completely shutdown – e.g. for Netscape, check the Taskbar to make sure all netscape.exe processes finish
c) Delete the whole Jinitiator directory from c:\ Program Files\Oracle\ to make sure all files are removed
d) Start Apps client and download a fresh version of Jinitiator
These are located on the Middle Tier, webserver - should be owned by APPLMGR
ADCERT.txt (certificate directive file)
UNIX : $APPL_TOP/admin/adcert.txt
ADSIGN.txt (used to pass arguments to JRI for signing JAR files.)
UNIX : $APPL_TOP/admin/adsign.txt
APPLTOP.cer (Certificate file that gets imported into the identitydb.obj
UNIX : $APPL_TOP/admin/appltop.cer
OAJINIT.exe (Repackaged Jinitiator executeable that includes identitydb.obj)
UNIX : $OA_HTML/oajinit.exe
IDENTITYDB.obj (Identity Database File that holds trusted digital certificates)
UNIX : $HOME/identitydb.obj
No comments:
Post a Comment