It has been rather quiet of late, I’m afraid. The trials and responsibilities of everyday life continue to thwart my efforts to update the blog and keep you appraised of all things “after Siebel”! However, Siebel 17 is not forgotten and I’ve been working closely with Oracle to iron out a bug or two in the IP 2017 deployment process as well a running a project to deploy IP 2017 as part of a large Enterprise programme. More on all that shortly.
In the meantime, I wanted to put the question of self signed certificates to bed and show you how to produce keystore and truststore files for an IP 2017 installation.
You’ll have to install OpenSSL and a Java SDK somewhere on your machine. The machine itself must have a Fully Qualified Domain Name: “MySiebelHost” will not do, it must be “MySiebelHost.mydomain”. In Windows, you can easily get around this without having to actually create a domain and register your machine on it by setting the “Full computer name” in the System Properties:
Anyway, without further ado, I give you “MakeKeys.bat”:
rem CHANGE_ME! :)
rem DO NOT CHANGE
rmdir %SIEBEL%\keys /s /Q
rmdir %SIEBEL%\ca /s /Q
%JAVA%\keytool -genkey -alias siebel -keystore %SIEBEL%\keys\siebelkeystore.jks -keyalg RSA -sigalg SHA1withRSA -dname "cn=%FQDN%" -storepass %PASSWORD% -keypass %PASSWORD%
%JAVA%\keytool -list -v -keystore %SIEBEL%\keys\siebelkeystore.jks -storepass %PASSWORD%
%JAVA%\keytool -certreq -alias siebel -keystore %SIEBEL%\keys\siebelkeystore.jks -file %SIEBEL%\keys\siebelkeystore.csr -storepass %PASSWORD%
%SSL%\openssl req -new -keyout %SIEBEL%\ca\cakey.pem -out %SIEBEL%\ca\careq.pem -subj "/CN=%FQDN%" -passout pass:%PASSWORD%
%SSL%\openssl x509 -signkey %SIEBEL%\ca\cakey.pem -req -days 3650 -in %SIEBEL%\ca\careq.pem -out %SIEBEL%\ca\caroot.cer -extensions v3_ca -passin pass:%PASSWORD%
%JAVA%\keytool -printcert -v -file %SIEBEL%\ca\caroot.cer
echo 1234 > %SIEBEL%\ca\serial.txt
%SSL%\openssl x509 -CA %SIEBEL%\ca\caroot.cer -CAkey %SIEBEL%\ca\cakey.pem -CAserial %SIEBEL%\ca\serial.txt -req -in %SIEBEL%\keys\siebelkeystore.csr -out %SIEBEL%\keys\siebelkeystoreCASigned.cer -days 365 -passin pass:%PASSWORD%
%JAVA%\keytool -import -alias ca -file %SIEBEL%\ca\caroot.cer -keystore %SIEBEL%\keys\siebelkeystore.jks -storepass %PASSWORD% -noprompt
%JAVA%\keytool -import -alias siebel -file %SIEBEL%\keys\siebelkeystoreCASigned.cer -keystore %SIEBEL%\keys\siebelkeystore.jks -storepass %PASSWORD%
%JAVA%\keytool -list -v -keystore %SIEBEL%\keys\siebelkeystore.jks -storepass %PASSWORD%
move %SIEBEL%\keys\siebelkeystore.jks %SIEBEL%\siebelkeystore.jks
echo Use the following path for both keystore and truststore in all Siebel installations: %SIEBEL%\siebelkeystore.jks
echo Use the following password for both keystore and truststore: %PASSWORD%
Simply save to a .BAT file (this is Windows, but should work with small mods on a Linux environment) and set the parameters appropriately. Execute the file and use the resulting “siebelkeystore.jks” file for both the keystore and truststore in your Siebel installations, across all components on that machine.
Having installed the Siebel 17 software, there’s one more step before we can set up the logical Gateway, Enterprise, Siebel Server and Application Interface (what used to be the SWSE): install the Siebel database.
As part of the Siebel Server installation, you’ll have installed the Siebel Database Server components. You can find a traditional shortcut to the configuration tool on your start menu, just like the good old days. Invoke this, enter your database connectivity details and sit back while the installer does its thing:
I noted that the installation process is significantly quicker than it used to be, even though the database installer has a lot more work to do in setting up the repository tables for workspaces. After just over an hour, I have a Siebel database ready to use.
Within the Siebel Server bin folder, you’ll find a shortcut to the license key deployment tool (LicenseKeyModule.bat). Double click this and enter your database connection details:
Select the components you’d like to use in your development environment. Click “Apply” to finish the job:
We’re ready to rock – tune in tomorrow for a detailed guided to the Siebel Management Console and the process to deploy the Gateway, Enterprise, Siebel Server and AI.
So, it’s finally arrived – Siebel 17 is here!
Of course, I’ve immediately hammered my home broadband to download all 20 delightful gigabytes of installation material to give you the low down on how to set it all up.
I’ve prepared 4 VMs for my Siebel 17 environment:
- Siebel Web – will hold the Apache Tomcat applications for both the Siebel Management Console (SMC) and the OM “Application Interface” component – the new name for SWSE
- Siebel App – will hold the Gateway and Siebel Server components
- Siebel DB – runs an Oracle 12c database
- Siebel Client – we’ll put Tools on here, just for old times sake!
At the moment, we’re only really interested in the first three.
I take a moment, these days, to prep my machines before installing anything. This typically involves an installation of a Java SDK, an Oracle Client, all Windows updates, SQL Developer and so on. My machines were ready to go by the time I’d used SNIC.BAT to produce me some installers.
Haley, what are you still doing here?
Installing the Application Interface
Running the installer, I see a familiar sight in the usual Siebel install wizard:
Some familiar and not so familiar installation options
Clearly, there are some new additions this time around! Installing the Application Interface requires the creation of a keystore and truststore, concepts that will be familiar to anyone who has used Tomcat in the past. I ran a few quick commands from my Java JDK bin folder to generate both. Note that there are some specific requirements for these files documented in Bookshelf and full instructions can be found in article Doc ID 2294567.1 on My Oracle Support. I’ve written a new post that contains a Windows batch file that you can amend and simply run to produce the appropriate keystore and truststore files.
Specify the siebel_keystore.jks for both the keystore and truststore files created above in the installation process, along with your chosen password.
During the installation process, you need to choose and note down ports for each of the Tomcat REST facades that will sit atop the Siebel components. These facades abstract a management interface that allows configuration and maintenance centrally, from the Siebel Management Console. It’s important that you write these down, though they can be derived by referring to the Tomcat configuration files within the applicationcontainer folder in each of your component installations. I’ve opted to use a standard range for each component across the HTTPS, HTTP and Shutdown ports respectively:
- Application Interface: 9011, 9012, 9013
- Gateway: 9021, 9022, 9033 (with 9034 as the Gateway TLS port)
- Siebel Server 1: 9031, 9032, 9033
Installing the Enterprise Server
The Enterprise Server installation is much the same and I elect to install the Gateway and Siebel Server separately, by invoking the installer two more times, picking a different installation folder and set of ports for each.
Not much else to do now but click “Next” and await success.
War file deployed, installation complete. Phew!
Okay, so I’ve only just scraped the tip of the Siebel 17 iceberg, by installing the base software. There’s a lot more to do to get my Siebel 17 environment up and running. Stay tuned for the next instalment!
I’ve just seen a load of excellent posts on John Bedford’s “Oracle Siebel CRM” blog, answering many of the frequently asked questions related to the upcoming release of Siebel IP 2017:
There are also a number of Web Casts available from the Oracle University site, including some demonstrations and discussions around the new Siebel Composer functionality:
Some really interesting reading in there and I cannot wait for the GA release! I’ve some VMs prep’d and ready… must be coming soon!
Stay tuned for more information and hopefully and in depth review!
My time away from Siebel is almost at an end: we’re looking at our Siebel 8.1 UCM service and are kicking off a project to bring in IP 2017. I’ll admit to being quite excited about getting back onto familiar ground and to see what has become of my beloved technology.
This is a big deal for us, as we’re not only upgrading Siebel but potentially moving to a cloud infrastructure, upgraded OS and the UCM product brings with it a whole raft of additional software changes: Oracle EDQ, the deprecation of IIR and Haley Business Rules, all make this an interesting technical and functional challenge.
I was hoping to see IP 2017 surface in May, but it’s now June and no sign of a download. However, there are signs that Oracle are gearing up for the official General Availability release. I noted recently that my old friend John Bedford has posted up details of some IP 2017 Webinar sessions being run by Oracle. My team and I will following these with great interest – and I’m sure we’re not the only ones excited about the possibilities of CRM Composer. You can find details of the sessions, as well as instructions for registration, on John’s official Oracle Siebel Blog.
Stay tuned for a full IP 2017 breakdown and review, on this site, as soon as it becomes GA.