IIS Reverse Proxy Implementation



Similar documents
An Oracle White Paper July Introducing the Oracle Home User in Oracle Database 12c for Microsoft Windows

Please read the F.A.Q below for more information and please feel free to contact your Oracle account representative for more information.

Configuring Microsoft Active Directory 2003 for Net Naming. An Oracle White Paper September 2008

An Oracle White Paper April How to Install the Oracle Solaris 10 Operating System on x86 Systems

An Oracle White Paper October Oracle Database and IPv6 Statement of Direction

An Oracle White Paper September Oracle WebLogic Server 12c on Microsoft Windows Azure

Deliver Oracle BI Publisher documents to Microsoft Office SharePoint Server An Oracle White Paper July 2008

Configuring Microsoft Active Directory for Oracle Net Naming. An Oracle White Paper April 2014

WHITE PAPER Citrix Secure Gateway Startup Guide

Load Balancing Oracle Web Applications. An Oracle White Paper November 2004

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER

Siebel CRM On Demand Single Sign-On. An Oracle White Paper December 2006

Migration Best Practices for OpenSSO 8 and SAM 7.1 deployments O R A C L E W H I T E P A P E R M A R C H 2015

An Oracle White Paper March Integrating Microsoft SharePoint Server With Oracle Virtual Directory

CONFIGURING IIS WEB APPLICATIONS FOR USE WITH TIME MACHINE

Secure IIS Web Server with SSL

Installation Procedure SSL Certificates in IIS 7

An Oracle White Paper November Oracle Business Intelligence Standard Edition One 11g

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

Oracle Business Intelligence Enterprise Edition Plus and Microsoft Office SharePoint Server. An Oracle White Paper October 2008

Oracle Easy Connect Naming. An Oracle White Paper October 2007

Oracle Directory Services Integration with Database Enterprise User Security O R A C L E W H I T E P A P E R F E B R U A R Y

Oracle Insurance General Agent Hardware and Software Requirements. Version 8.0

JD Edwards EnterpriseOne 9.1 Clustering Best Practices with Oracle WebLogic Server

Configuring Oracle SDN Virtual Network Services on Netra Modular System ORACLE WHITE PAPER SEPTEMBER 2015

An Oracle White Paper September Advanced Java Diagnostics and Monitoring Without Performance Overhead

Secure Web Appliance. SSL Intercept

How To Load Data Into An Org Database Cloud Service - Multitenant Edition

Universal Content Management Version 10gR3. Security Providers Component Administration Guide

Setup Guide Access Manager 3.2 SP3

OpenLDAP Oracle Enterprise Gateway Integration Guide

Microsoft Active Directory Oracle Enterprise Gateway Integration Guide

Flexible Routing and Load Control on Back-End Servers. Controlling the Request Load and Quality of Service

Oracle Net Services for Oracle10g. An Oracle White Paper May 2005

Implementing a Custom Search Interface with SES - a case study with search.oracle.com. An Oracle White Paper June 2006

Oracle Communications Extension Group: Enterprise Application Guide ORACLE WHITE PAPER AUGUST 2015

An Oracle White Paper June RESTful Web Services for the Oracle Database Cloud - Multitenant Edition

Monitoring and Diagnosing Production Applications Using Oracle Application Diagnostics for Java. An Oracle White Paper December 2007


Oracle Mobile Security

WebSphere MQ Oracle Enterprise Gateway Integration Guide

How To Configure An Orgaa Cloud Control On A Bigip (Cloud Control) On An Orga Cloud Control (Oms) On A Microsoft Cloud Control 2.5 (Cloud) On Microsoft Powerbook (Cloudcontrol) On The

Setting Up SSL on IIS6 for MEGA Advisor

An Oracle White Paper March Integrating the SharePoint 2007 Adapter with WebCenter Spaces ( & )

Table of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index

An Oracle White Paper October BI Publisher 11g Scheduling & Apache ActiveMQ as JMS Provider

Sun ZFS Storage Appliance Rule-Based Identity Mapping Between Active Directory and Network Information Services Implementation Guide

Oracle BI Publisher Enterprise Cluster Deployment. An Oracle White Paper August 2007

Field Service Management in the Cloud

RealPresence Platform Director

Reverse Proxy Guide. Version 2.0 April 2016

Oracle Enterprise Manager

Oracle Enterprise Manager. Description. Versions Supported

Oracle FLEXCUBE Direct Banking Release Retail Credit Card User Manual. Part No. E

An Oracle White Paper June Security and the Oracle Database Cloud Service

An Oracle White Paper June, Provisioning & Patching Oracle Database using Enterprise Manager 12c.

An Oracle White Paper May Distributed Development Using Oracle Secure Global Desktop

An Oracle White Paper December The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks

Pre-Installation Instructions

Oracle WebCenter Content Service for Microsoft Exchange

Oracle Service Cloud and Oracle WebRTC Session Controller ORACLE WHITE PAPER FEBRUARY 2015

Manage Oracle Database Users and Roles Centrally in Active Directory or Sun Directory. Overview August 2008

Oracle Real-Time Scheduler Benchmark

Oracle Business Intelligence ADF Custom Visualizations and Integration. An Oracle White Paper November 2012

Express Implementation for Electric Utilities

Oracle Fusion Applications Splitting Topology from Single to Multiple Host Servers

Privileged Access Management Upgrade Guide

Virtual Contact Center

An Oracle White Paper February Oracle Data Integrator 12c Architecture Overview

Oracle VM Manager Template. An Oracle White Paper February 2009

An Oracle White Paper June Oracle Linux Management with Oracle Enterprise Manager 12c

Ensuring Web Service Quality for Service-Oriented Architectures. An Oracle White Paper June 2008

An Oracle Best Practice Guide April Best Practices for Designing Contact Center Experiences with Oracle RightNow CX Cloud Service

DameWare Server. Administrator Guide

An Oracle Technical White Paper May How to Configure Kaspersky Anti-Virus Software for the Oracle ZFS Storage Appliance

How To Customize An Org Bee 11G With A Custom Skin On A Windows 7.5 (Oracle) 11G (Orca) 11Ge (Orora) 11Gh (Orroboro) 11E (Ororro

Oracle SQL Developer Migration. An Oracle White Paper September 2008

Setup Guide Access Manager Appliance 3.2 SP3

Microsoft IIS Integration Guide

Managed Storage Services

An Oracle White Paper Dec Oracle Access Management Security Token Service

FTP, IIS, and Firewall Reference and Troubleshooting

Using IIS Application Request Routing to Publish Lync Server 2013 Web Services

An Oracle White Paper May Creating Custom PDF Reports with Oracle Application Express and the APEX Listener

JD Edwards EnterpriseOne Tools. 1 Understanding JD Edwards EnterpriseOne Business Intelligence Integration. 1.1 Oracle Business Intelligence

FAQ: How to create Effective Messages

Installation Guide. SafeNet Authentication Service

Reference and Troubleshooting: FTP, IIS, and Firewall Information

Oracle s Solution for Secure Remote Workers. Providing Protected Access to Enterprise Communications

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

SIMPLIFY MICROSOFT CRM AND QUICKBOOKS INTEGRATION Microsoft Dynamics CRM Online to QuickBooks Bidirectional

Load Testing Hyperion Applications Using Oracle Load Testing 9.1

2 Downloading Access Manager 3.1 SP4 IR1

HRC Advanced Citrix Troubleshooting Guide. Remove all Citrix Instances from the Registry

Long User ID and Password Support In JD Edwards EnterpriseOne

An Oracle White Paper July Oracle Linux and Oracle VM Remote Lab User Guide

An Oracle White Paper June How to Install and Configure a Two-Node Cluster

Maximum Availability Architecture. Oracle Best Practices For High Availability. Backup and Recovery Scenarios for Oracle WebLogic Server: 10.

Cisco SSL Encryption Utility

MadCap Software. Upgrading Guide. Pulse

Transcription:

IIS Reverse Proxy Implementation for OXI/OEDS Servers V E R S I O N : 1. 1 M A Y 2 9, 2 0 1 5

Table of Contents Intended Audience 3 About this Document 3 Advisories and Known Issues 3 Additional Considerations 4 SSL Overview 5 IIS Reverse Proxy Installation Overview for OPERA OXI/OEDS Servers 6 Components 6 Implementing the IIS Reverse Proxy Solution 7 Troubleshooting Tips 25 2 IIS REVERSE PROXY FOR OXI/OEDS

Intended Audience Oracle Implementation Resources and IT Personnel involved in installing SSL certificates on an OPERA OXI/OEDS Server. This solution is intended for externally facing OPERA OXI/OEDS Servers within a segmented DMZ. It is only supported for Windows 7 and Windows 2008 Server R2 and for OPERA Versions 5.0.x.x. About this Document The SSL Installation and Overview for OPERA section provides a high level overview of the Implementation process for an OPERA Application Server without providing step by step details. The provided Troubleshooting Tips will likely be helpful to anyone troubleshooting issues that may have arisen during an IIS Reverse Proxy Implementation. Advisories and Known Issues The installation described in this document was designed to handle most standard OXI/OEDS installations. For complex installations including Data Center environments or installations, Oracle strongly recommends consultation with a knowledgeable resource prior to implementation. Oracle strongly recommends that an OPERA OXI server be segmented within a DMZ if it is presented to externally located interface communication. For example, an OPERA OXI server that functions as an endpoint for SynXis or Travelclick postings should be in a segmented DMZ. Oracle strongly recommends that a backup of the system be taken prior to and after implementation. 3 IIS REVERSE PROXY FOR OXI/OEDS

Additional Considerations This solution leverages Microsoft Internet Information Services as a reverse proxy in order to account for the following: The POODLE vulnerability (CVE-2014-3566 and CVE-2014-8730) affects protocols currently required for OPERA communication. Legacy V5 application servers (OPERA version 5.0.04.02 and below) are affected. In order to properly mitigate POODLE, SSLv3 and TLS 1.0 support should be disabled in favor of TLS 1.2 instead. This can be completed via the updates to SCHANNEL registry settings for IIS. SSL certificates issued by a public Certificate Authority must be issued using a SHA-2 cipher after January 1, 2016. The Legacy V5 application server (OPERA version 5.0.04.02 and below) cannot support this cipher. IIS 7.5 allows for SHA-2 support. 4 IIS REVERSE PROXY FOR OXI/OEDS

SSL Overview Secure Sockets Layer (SSL) communications have become an internet standard when securing sensitive data transmissions across a network. When making a connection via this protocol, the connection is validated in three steps: 1 The name of the server to which the certificate is issued must match the URL requested. 2 The Certificate Signing Authority that issue the certificate must be known to the client machine or there must be a chain of certificates provided that point to a CA that is known to the client. 3 The certificate must not be expired. 4 The name of the server to which the certificate is issued must be a Fully Qualified Domain Name and Domain validation must be confirmed by the Certificate Signing Authority. The first step of validation ensures that the website hasn't been hijacked by an unknown entity. There are scenarios where this can pose some challenges for an OPERA installation, however. In most cases, the OPERA server may be configured to use the application server name in the URL, but a user may request a connection to OPERA using the machine's IP Address. In this case, the client machine will see that it has been redirected to https://appservername when the original request was made for https://ipaddress. In such a case, the two URL's don't match, so the client machine does (and should) display and error message that the site name is mismatched. In order to resolve this, the client request can be modified to request https://appservername In the second step of validation, the server passes an SSL certificate to the client machine requesting a connection. The client is then able to view the signature of the Certificate Signing Authority that issued the certificate to the server and determine whether the server can be trusted. In some cases, the Certificate Signing Authority that signed the server certificate may not be directly trusted by the client, but the Certificate Signing Authority that signed the certificate for the signer is trusted. Visually, this could look something like this: Trusted Root CA2 Trusted Root is a common certificate authority that is known to most of the world. CA1 CA1 is certificate authority that signed certificate for CA2. Server CA1 is certificate authority that signed certificate for Server. As long as the Certificate Signing Authority of one of the certificates in the certificate path of the server's certificate is trusted by the client, the connection is validated. The third step of validation simply checks for the expiration date on the SSL certificate itself. In the event that an expired certificate is encountered, the client browser will still allow the connection (i.e., the system remains functional) and displays a message indicating the certificate is expired. Once the certificate is replaced with a new copy that expires at a later date, the message will stop. In order to secure incoming communications to an HTTP server, an SSL certificate ensures that all messages between client and server are encrypted during transmission. 5 IIS REVERSE PROXY FOR OXI/OEDS

IIS Reverse Proxy Installation Overview for OPERA OXI/OEDS Servers For OXI / OEDS Servers, installing an SSL certificate requires the following high level steps: 1. Install Windows Internet Information Services (IIS) 7.5 2. Install additional IIS feature required for reverse proxy functionality 3. Generate a Certificate Signing Request from within IIS 4. Obtain a signed certificate from certificate provider 5. Install the signed (previously requested) certificate into IIS 6. Update the 10g Application Server configuration to account for the IIS redirect 7. Update the IIS configuration to proxy requests to the 10g Application Server Components The following components are require for IIS Reverse Proxy: Windows 7 x32 bit o webfarm_v1.1_x86_en_us.msi o ExternalDiskCache_x86_en-US.msi o rewrite_x86_en-us.msi o requestrouter_x86 Windows 7 x64 bit and Windows 2008 R2 o webfarm_v1.1_amd64_en_us.msi o ExternalDiskCache_amd64_en-US.msi o rewrite_amd64_en-us.msi o requestrouter_x64.msi Currently, the files are available using the links below. Be aware the difference between x86 and x64 versions of the files. http://download.microsoft.com/download/5/4/7/5477b52e-7cc8-433c-aa26-74732b485857/webfarm_v1.1_x86_en_us.msi http://download.microsoft.com/download/4/d/f/4dfda851-515f-474e-ba7a-5802b3c95101/externaldiskcache_x86_en-us.msi http://download.microsoft.com/download/6/9/c/69c1195a-123e-4be8-8edf-371cdca4ec6c/rewrite_x86_en-us.msi http://download.microsoft.com/download/6/3/d/63d67918-483e-4507-939d-7f8c077f889e/requestrouter_x86.msi http://download.microsoft.com/download/5/7/0/57065640-4665-4980-a2f1-4d5940b577b0/webfarm_v1.1_amd64_en_us.msi http://download.microsoft.com/download/3/4/1/3415f3f9-5698-44fe-a072-d4af09728390/externaldiskcache_amd64_en-us.msi http://download.microsoft.com/download/6/7/d/67d80164-7dd0-48af-86e3-de7a182d6815/rewrite_amd64_en-us.msi http://download.microsoft.com/download/6/3/d/63d67918-483e-4507-939d-7f8c077f889e/requestrouter_x64.msi 6 IIS REVERSE PROXY FOR OXI/OEDS

Implementing the IIS Reverse Proxy Solution 1. Ensure that the OXIServlets page is up and functional. http://localhost/operajserv/oxiservlets/pmsinterface?info=y 2. Update OPERA configuration via OAppCfgEd Read Only Mode = NO Turn off Redirect Turn off SSL Change default port to 8081 7 IIS REVERSE PROXY FOR OXI/OEDS

3. Ensure that the OXIServlets page is up and functional on port 8081 http://localhost:8081/operajserv/oxiservlets/pmsinterface?info=y 8 IIS REVERSE PROXY FOR OXI/OEDS

4. Ensure that IIS is installed NOTE: IIS may already be setup and in use with OEDS services i. If so, decisions will have to be made about what ports IIS will be using ii. Documented steps present both OXI and OEDS services on port 443 using a single SSL certificate Windows 7 - Control Panel >> Programs and Features >> Turn Windows Features On or Off >> Ensure Internet Information Services is checked Windows 2008 Admin Tools >> Server Manager >> Roles >> Add Roles >> Web Server (IIS) Helpful script to install necessary IIS components i. CMD Run as Admin ii. START /WAIT DISM /Online /Enable-Feature /FeatureName:IIS-ApplicationDevelopment /FeatureName:IIS-CommonHttpFeatures /FeatureName:IIS-DefaultDocument /FeatureName:IIS- DirectoryBrowsing /FeatureName:IIS-HealthAndDiagnostics /FeatureName:IIS-HttpCompressionStatic /FeatureName:IIS-HttpErrors /FeatureName:IIS-HttpLogging /FeatureName:IIS-ManagementConsole /FeatureName:IIS-Performance /FeatureName:IIS-RequestFiltering /FeatureName:IIS-RequestMonitor /FeatureName:IIS-Security /FeatureName:IIS-StaticContent /FeatureName:IIS-WebServer /FeatureName:IIS-WebServerManagementTools /FeatureName:IIS-WebServerRole 9 IIS REVERSE PROXY FOR OXI/OEDS

5. Install additional IIS add-on features Double click on each to begin the straight forward installation, continue by clicking NEXT It is of utmost importance that they are installed in the correct order Windows 7 x32 bit i. webfarm_v1.1_x86_en_us.msi ii. ExternalDiskCache_x86_en-US.msi iii. rewrite_x86_en-us.msi iv. requestrouter_x86 Windows 7 x64 bit and Windows 2008 R2 i. webfarm_v1.1_amd64_en_us.msi ii. ExternalDiskCache_amd64_en-US.msi iii. rewrite_amd64_en-us.msi iv. requestrouter_x64.msi 6. Configure IIS for SSL Issue Certificate Request Start >> Control Panel >> Administrative Tools >> Internet Information Services Manager Double click on the Server Certificates option NOTE If the server is already functioning with OEDS, an SSL Certificate may already exist within IIS. This certificate can be used for both OXI and OEDS. Please skip to step 8 in order to update the port binding. Also be aware that external vendors will likely need to update the URLs for posting after implementation is completed. 10 IIS REVERSE PROXY FOR OXI/OEDS

Create Certificate Request Enter all pertinent information regarding the request 11 IIS REVERSE PROXY FOR OXI/OEDS

Enter Bit Length of 2048 or higher 2048 is the minimum suggested value Save the Certificate Request to a convenient location Select FINISH 12 IIS REVERSE PROXY FOR OXI/OEDS

7. Configure IIS for SSL - Obtain certificate from Trusted Certificate Authority 8. Configure IIS for SSL Complete Certificate Request Complete Certificate Request Select the.cer of.pfx file returned by the Certificate Authority Issue a Friendly Name for the certificate The certificate will show up within the Server Certificates listing 13 IIS REVERSE PROXY FOR OXI/OEDS

9. Configure IIS for SSL Bind certificate to Default Web Page on Port 443 Start >> Control Panel >> Administrative Tools >> Internet Information Services Manager Sites >> Default Web Sites Bindings option on the right hand side 14 IIS REVERSE PROXY FOR OXI/OEDS

Select the Add option Select HTTPS, the IPv4 address, Port 443 and the correct SSL certificate 15 IIS REVERSE PROXY FOR OXI/OEDS

Select OK and ensure that the binding was added Select and remove the http option 10. Start the Default Web Site and test that port 443 is bound with the SSL certificate 16 IIS REVERSE PROXY FOR OXI/OEDS

Select Default Web Site in left panel Select the Start or Restart option in the right panel Test the following URL https://172.36.200.215 replacing the IP with that of your server IIS7 default page should show as follows 11. Configure IIS for Reverse Proxy of Operajserv ( OXI Requests ) 17 IIS REVERSE PROXY FOR OXI/OEDS

Start >> Control Panel >> Administrative Tools >> Internet Information Services Manager Select the server name in the left panel Double click Application Request Routing Cache in middle panel Select Server Proxy Settings in right panel Ensure the following options are selected / configured 18 IIS REVERSE PROXY FOR OXI/OEDS

i. Enable proxy should be checked ii. Leave the rest of the default options alone as seen in screenshot below Scroll down i. Check option for USE URL REWRITE TO INSPECT INCOMING REQUESTS ii. Enter value for Reverse Proxy localhost:8081 19 IIS REVERSE PROXY FOR OXI/OEDS

Select the APPLY option in right panel 20 IIS REVERSE PROXY FOR OXI/OEDS

Select the URL Rewrite option in the right panel Highlight the ARR_server_proxy URL Rewrite Inbound Rule and select Edit in right panel 21 IIS REVERSE PROXY FOR OXI/OEDS

Change the Pattern value from * to *Operajserv* and select Apply in right panel Select Back to Rules and confirm that the ARR_server_proxy Inbound Rule shows the updated pattern. This change ensures that all URL requests containing Operajserv are proxied to port 8081 on the localhost. Restart IIS to ensure the change is in place 22 IIS REVERSE PROXY FOR OXI/OEDS

12. Ensure that the OXIServlets page is up and accessible Update the URL below with the proper FQDN or server name https://reservations.ogtslab.com/operajserv/oxiservlets/pmsinterface?info=y 13. Restrict the protocols are utilized by IIS This requires updating registry so please be cautious and take a backup if you are unsure of the changes The following registry keys will need to be created These values can be customized as needed. i. DisabledByDefault is set to 1 the protocol will NOT be used/accepted. ii. DisabledByDefault is set to 0 the protocol is active and acceptable. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server o REG_DWORD named DisabledByDefault with value of 0x00000001 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client o REG_DWORD named DisabledByDefault with value of 0x00000001 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server o REG_DWORD named DisabledByDefault with value of 0x00000000 o This was set to 0 in order to account for external vendors still posting using SSLv3 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client o REG_DWORD named DisabledByDefault with value of 0x00000001 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server o REG_DWORD named DisabledByDefault with value of 0x00000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client o REG_DWORD named DisabledByDefault with value of 0x00000000 o Be aware setting TLS 1.0 values to 1 will disable RDP connectivity for the machine HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server o REG_DWORD named DisabledByDefault with value of 0x00000000 23 IIS REVERSE PROXY FOR OXI/OEDS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client o REG_DWORD named DisabledByDefault with value of 0x00000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server o REG_DWORD named DisabledByDefault with value of 0x00000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client o REG_DWORD named DisabledByDefault with value of 0x00000000 The following REG file can be used to quickly update the settings above o ftp://ftp.micros.com/fidelio/opera/customers/operagts/iis_reverse_proxy/iis_protocols.reg 14. Restart the Default Web Page From a CMD prompt net start "World Wide Web Publishing Service" 15. Test and ensure that the OXIServlets are still produced same as step 11 16. Test and ensure that the OEDS service is produced The example URL may differ depending on the OEDS installation this is an example for HTNG https://reservations.ogtslab.com/htng/activityservice.asmx 17. Ensure that all external vendors have the new URLs for posting if they were changed. Test with the external vendors and ensure that the interfaces are working properly. 24 IIS REVERSE PROXY FOR OXI/OEDS

Troubleshooting Tips 1. Please review the Windows Event Logs for an IIS errors if the solution is not behaving as expected. 2. If the reverse proxy is not functioning, please ensure that the ARR_Reverse_Proxy rule in Step 10 is not greyed out. If it is, please delete the rule, uncheck the option to Enable Proxy, save configuration, restart IIS and complete Step 10 again. 25 IIS REVERSE PROXY FOR OXI/OEDS

Oracle Corporation, World Headquarters 500 Oracle Parkway Redwood Shores, CA 94065, USA Worldwide Inquiries Phone: +1.650.506.7000 Fax: +1.650.506.7200 C O N N E C T W I T H U S blogs.oracle.com/oracle facebook.com/oracle twitter.com/oracle oracle.com Copyright 2015, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. IIS Reverse Proxy for OXI/OEDS May 12, 2015 Author: Devin Mills