Database Express 12c (OEM)

• Access
• Create
• Delete
• Display Configuration
• Create\Configure Session
• Multitenant Considerations
• Oracle Linux 7.x\Firefox Bug Work Around
• Disable TLS 1.0 and Enable TLS 2.0

Overview

Oracle's Database Express is a GUI tool you can use to help manage your database. Database Express replaces the 11g dbconsole. It can only be used to manage one database at a time. Database Express GUI assists in managing a databases: Configuration, Storage, Security and Performance.

Example: https://lnx01:5500/em

Change these to match your environment:

• Port 8080 is used for http.
• Port 5500 is used for https (SSL).

Create\configure Database Express session.

Prerequisites

• Install Flash for the Browser you wish to use.
• Ensure network port that you want to use is open.

Access

http

 http://<hostname>:8080/em

https (SSL)

 https://<hostname>:5500/em

Create

http

exec dbms_xdb_config.sethttpport(8080);
ALTER SYSTEM SET DISPATCHERS="(PROTOCOL=TCP)(SERVICE=DB01)";

https (SSL)

exec dbms_xdb_config.sethttpsport(5500);
ALTER SYSTEM SET DISPATCHERS="(PROTOCOL=TCP)(SERVICE=DB01)";

Display Configuration

http

 select dbms_xdb_config.gethttpport()  from dual;

https

 select dbms_xdb_config.gethttpsport() from dual;

Parameters

 show parameter dispatchers

Delete

http

 exec dbms_xdb_config.sethttpport('0');
 select dbms_xdb_config.gethttpport() from dual;

https

 exec dbms_xdb_config.sethttpsport('0');
 select dbms_xdb_config.gethttpsport() from dual;

Create\Configure Session

1. Display current config.
   select dbms_xdb_config.gethttpsport() from dual;

2. Configure Database Express 12c.
   exec dbms_xdb_config.sethttpsport(5500);

3. Display current config.
   select dbms_xdb_config.gethttpsport() from dual;

4. Log into Database Express 12c.
   https://orasrv01:5500/em

   Username: sys
   Password: ********

Multitenant Considerations

Enable on a container DB

SQLPLUS> alter session set container=CDB$ROOT;
SQLPLUS> exec dbms_xdb_config.setglobalportenabled(TRUE);

Oracle Linux 7.x\Firefox Bug Work Around

This will allow you to access DB Express.

EXEC dbms_xdb_config.sethttpport(8080);
SELECT dbms_xdb_config.gethttpport FROM dual;
   8080

From FireFox
 http:localhost:8080/em/login

Disable TLS 1.0 and Enable TLS 2.0

-- Status

  nmap --script ssl-enum-ciphers -p 5500 <hostname>

All tls versions used should be shown.

-- Edit sqlnet.ora
vi $ORACLE_HOME/network/admin/sqlnet.ora

SSL_VERSION = 1.2
SSL_CIPHER_SUITES = (TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256)

Add these entries.

-- Bounce DB

 shutdown immediate;
 startup

-- Bounce Listener

 lsnrctl stop
 lsnrctl start

-- Check

 nmap --script ssl-enum-ciphers -p 5500 <hostname>

tls 1.x should now not be shown.