Many of our customers run Plumtree on Oracle, for better or worse.
Despite it’s complexities and eccentricities, it’s been a good platform albeit not without it’s driver issues, configuration issues and other weirdnesses.
While doing some research on running Oracle over TCPS (TCP + SSL), I discovered two excellent Oracle resources in the blogosphere:
Two different customers of ours have recently experienced problems with server-to-server SSL and Plumtree, so I thought I would shed some light on the issue in the hope that it might help someone else who’s having the same problem.
So, here’s the gist: in order for a server to communicate with another server over SSL, the requesting server needs to have the host server’s certificate installed in it’s keystore. Doing this is pretty straighforward and well documented. First, you need to export the certificate from the host server and copy it over to the requesting server. You can read about how to do this in IIS or how to do this in a JVM-based application server such as Weblogic or Tomcat.
After exporting the cert, you’ll end up with a .cer file that you’ll need to install on the requesting server. Say that server is a Tomcat instance on which you’ve installed Plumtree’s Collaboration Server. In this case, this set of instructions should help you get that part working.
One gotcha is that the name of the server in the certificate must match the name being placed in requests made to that server. For example, if the requesting server is making a call to https://images.mycompany.com, you need to have images.mycompany.com as the name of the server in its certificate.
If you’d like to see what people are doing with Plumtree on the open internet, you can search Google using the allinurl: portal/server.pt syntax.
Bear in mind that Plumtree portal administrators can change both “portal” and “server.pt” to anything, but most do not choose (or do not know how) to change this. Really, it’s easy — just change the
VirtualDirectoryPath and the
No, it’s not boo-SHARE, it’s not buck-HEAR, and it’s certainly not buck-HAIRY.
Actually it’s easy: boo-CARE-eee. Once you’ve said it once or heard it twice, you’ll get it.
In fact, a lot of people call me Bucchere because Chris is just so, well, boring.
I get asked this question — or some variant of it — all the time. Unlike almost everything else known to mankind, the answer is not: search Google. Instead, the best thing you can do is register for an account on portal.plumtree.com. Perhaps it’s to protect the paradoxical proprietary yet “radically open” nature of the Plumtree product line (more on this later); perhaps it’s just part of the “eat your own dog food” culture of the company (Plumtree uses its own Collaboration Server on the site) – regardless, even though there are two Google groups about Plumtree, the best – and really the only – way to get your questions answered is to post them on the Developer Forum inside the Plumtree Portal. (There is also a Deployment Forum, but it’s not as well trafficked.) My account name there is “bucchere” – as you can see, I’m not terribly creative at naming companies or accounts. If you’re interested in reading some of my musings and rants on various Plumtree-related topics, log in there and do a search across the Developer Forums for “bucchere.”
One thing about me – and really about everyone who works for bdg – we certainly don’t always know the answer, but we know who knows the answer. So, I guess you could always ask one of us. But not until you’ve already checked the Developer Forums, okay? 🙂