Oracle DB
This section explains on how to configure CipherMail with support for Oracle DB.
Note
It is assumed that Oracle DB is already installed (either on the same system as CipherMail or an external system) and that it is accessible from the CipherMail system.
Configure database
CipherMail requires requires a database named djigzo which is owned by database user djigzo.
Note
If the database or the database user is named differently, update the required configuration files accordingly.
Login as the database administrator:
sqlplus system
Execute the following SQL commands to create a database user and database:
CREATE USER djigzo IDENTIFIED BY djigzo default tablespace USERS;
GRANT CREATE SESSION TO djigzo;
GRANT CREATE TABLE TO djigzo;
GRANT CREATE VIEW TO djigzo;
GRANT CREATE PROCEDURE TO djigzo;
GRANT CREATE SEQUENCE TO djigzo;
Set quota for the user 1:
ALTER USER djigzo QUOTA 300M ON USERS;
- 1
Replace 300M should be sufficient for most setups. If the DLP quarantine functionality will be used, the quota might need to be increased.
Import table definitions.
Login as the database user:
sqlplus djigzo/djigzo@XE
Import the table definitions:
@ /usr/share/djigzo/conf/database/sql/djigzo.oracle.sql
Configure CipherMail
CipherMail requires a number of changes.
CipherMail should be configured to use Oracle instead of PostgreSQL.
sudo vi /usr/share/djigzo/wrapper/wrapper-additional-parameters.conf
Add the following line to the end of wrapper-additional-parameters.conf:
-Dciphermail.hibernate.database.type=oracle
The database connection, hostname of database server etc., should be configured in the file hibernate.oracle.connection.xml.
sudo vi /usr/share/djigzo/conf/database/hibernate.oracle.connection.xml
By default the database connection is configured to connect to Oracle on localhost. Change this to the IP address (or fully qualified domain name) of the Oracle server if the database server runs on a different host.
Disable backup page
The built-in backup/restore functionality only works with a locally configured PostgreSQL database. The web GUI backup option can be disabled by adding the following option to the tomcat options:
-Dciphermail.backup.enabled=false
The option should be added to the tomcat default settings file
Ubuntu/Debian
sudo bash -c 'echo "JAVA_OPTS=\"\$JAVA_OPTS \
-Dciphermail.backup.enabled=false\"" >> /etc/default/tomcat8'
RedHat/CentOS
Add the option -Dciphermail.backup.enabled=false to the last JAVA_OPTS line in the tomcat config file:
vi /etc/sysconfig/tomcat
The last JAVA_OPTS line should look similar to:
JAVA_OPTS="-Ddjigzo-web.home=/usr/share/djigzo-web -Djava.awt.headless=true -Xmx128M
-Dciphermail.backup.enabled=false"
Restart services
Ubuntu/Debian
sudo systemctl restart ciphermail-gateway-backend
sudo systemctl restart tomcat8
RedHat/CentOS
systemctl restart ciphermail-gateway-backend
systemctl restart tomcat
Check log file to see whether the back-end starts without any errors:
sudo journalctl -u ciphermail-gateway-backend