Essbase supports the Secure Socket Layer (SSL) protocol for all client-to-server and server-to-server communication. SSL allows Essbase to communicate unilaterally across a network with Essbase clients, including Provider Services, Administration Services, and Oracle Essbase Studio, while preventing eavesdropping and tampering. End-point authentication and communications occur confidentiality over the Internet using CipherSuite cryptography.
These configuration settings supply parameters that enable SSL communication:
AGENTSECUREPORT
CLIENTPREFERREDMODE
ENABLECLEARMODE
ENABLESECUREMODE
NETSSLHANDSHAKETIMEOUT
SSLCIPHERSUITES
WALLETPATH
The following considerations apply when partitioning in secure (SSL) mode:
The partition source and target must have the same security protocol; for example, both or neither use SSL.
To enable Essbase to use SSL connectivity, you must set ENABLESECUREMODE to TRUE.
Consider setting CLIENTPREFERREDMODE to SECURE.
If CLIENTPREFERREDMODE is not set, or is set to FALSE, but ENABLESECUREMODE is set to TRUE, you can securely create and refresh partitions in MaxL by adding :secure to the HOST-NAME string. For example,
login esbuser esbpassword on “localhost:6423:secure”;
The following considerations apply when using location aliases in secure (SSL) mode:
To enable Essbase to use SSL connectivity, you must set ENABLESECUREMODE to TRUE.
If the location alias is being set up to a secure port, you must append :secure to the server name specification. For example, using MaxL,
create location alias EasternDB from Sample.Basic to East.Sales at Easthost:6423:secure as User1 identified by password1;
To configure Essbase for encrypted (SSL) communication with Provider Services, you must perform a configuration task to enable the Essbase libcurl library to set up a secure channel to Oracle Hyperion Provider Services. See Configuration for SSL Encrypted Communication with Provider Services.
For more information on using SSL with Essbase, see the Oracle Hyperion Enterprise Performance Management System Security Administration Guide.