How to Secure Oracle APEX Development Environment with Free SSL from Let's Encrypt?
Arun Mohan
Introduction
In our previous tutorial, we discussed setting up a reverse proxy using Microsoft IIS, enhancing the security and accessibility of our Oracle APEX applications. Continuing from there, this tutorial delves into another crucial aspect of application security: installing free SSL from Let's Encrypt in Microsoft IIS.
Disclaimer
Before we proceed, it's essential to emphasize that the methods demonstrated in this tutorial are intended solely for educational purposes. While suitable for development environments, these approaches may not provide the level of security required for production environments. Always consult with your organization's IT policies and security guidelines before implementing any changes.
Use Case
In a development environment, securing our applications becomes paramount, especially when integrating with other services reliant on SSL and testing advanced functionalities such as push notifications. By installing SSL certificates, we ensure secure communication between our application and external services, enhancing overall security and trustworthiness.
Video Tutorial
Implementation
To implement free SSL from Let's Encrypt in Microsoft IIS, we'll leverage a third-party tool called win-acme. Follow these simple steps to secure your development environment:
Download win-acme: Begin by acquiring win-acme, a user-friendly tool designed to simplify the SSL certificate acquisition process. URL: https://www.win-acme.com/
Configure Site Bindings in IIS: Next, navigate to Internet Information Services (IIS) and configure site bindings to establish seamless communication between your server and the SSL certificate.
Request SSL using win-acme: With win-acme command line interface, initiate the SSL certificate request process, allowing for a secure connection to your development environment.
Trusted Origin Configuration
After enabling SSL and reverse proxy, it's common to encounter issues when logging into Oracle APEX workspace due to untrusted origins. To overcome this, we need to configure trusted origins in the ORDS configuration file. Here's how:
Open the ORDS configuration folder and locate the 'settings.xml' file.
Add an entry for your domain to the 'settings.xml' file to designate it as a trusted origin.
<entry key="security.externalSessionTrustedOrigins">http://example.com,https://example.com:443</entry> <entry key="security.forceHTTPS">true</entry>Save the changes and restart the server to apply the configuration.
By following the steps outlined in this tutorial and configuring trusted origins, we can establish a secure foundation for testing and integrating advanced functionalities into our Oracle APEX applications. Stay tuned for more insightful tutorials in our "How-to in Oracle APEX" series!
References
win-acme download URL: https://www.win-acme.com/
Let's Encrypt: https://letsencrypt.org/
Subscribe to my newsletter
Read articles from Arun Mohan directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Arun Mohan
Arun Mohan
I am an experienced IT professional with over 10 years of expertise in ERP, specializing in manufacturing and finance modules. As a solution architect, I am skilled in Oracle PL/SQL and Oracle APEX, with experience in software development, project management, and solution architecture. Leveraging my expertise in Enterprise Performance Management (EPM), I help businesses make data-driven decisions and improve their performance. I am committed to staying current with the latest trends and technologies in the industry and enjoy collaborating with colleagues and clients to design and implement solutions that align with their unique business needs. If you would like to learn more about my experience or have any questions, please feel free to connect with me.