Oracle DB

This section explains on how to configure CipherMail with support for Oracle DB.

Note

It is assumed that Oracle DB is already installed (either on the same system as CipherMail or an external system) and that it is accessible from the CipherMail system.

Configure database

CipherMail requires requires a database named djigzo which is owned by database user djigzo.

Note

If the database or the database user is named differently, update the required configuration files accordingly.

Login as the database administrator:

sqlplus system

Execute the following SQL commands to create a database user and database:

CREATE USER djigzo IDENTIFIED BY djigzo default tablespace USERS;

GRANT CREATE SESSION TO djigzo;
GRANT CREATE TABLE TO djigzo;
GRANT CREATE VIEW TO djigzo;
GRANT CREATE PROCEDURE TO djigzo;
GRANT CREATE SEQUENCE TO djigzo;

Set quota for the user 1:

ALTER USER djigzo QUOTA 300M ON USERS;
1

Replace 300M should be sufficient for most setups. If the DLP quarantine functionality will be used, the quota might need to be increased.

Import table definitions.

Login as the database user:

sqlplus djigzo/djigzo@XE

Import the table definitions:

@ /usr/share/djigzo/conf/database/sql/djigzo.oracle.sql

Configure CipherMail

CipherMail requires a number of changes.

CipherMail should be configured to use Oracle instead of PostgreSQL.

sudo vi /usr/share/djigzo/wrapper/wrapper-additional-parameters.conf

Add the following line to the end of wrapper-additional-parameters.conf:

-Dciphermail.hibernate.database.type=oracle

The database connection, hostname of database server etc., should be configured in the file hibernate.oracle.connection.xml.

sudo vi /usr/share/djigzo/conf/database/hibernate.oracle.connection.xml

By default the database connection is configured to connect to Oracle on localhost. Change this to the IP address (or fully qualified domain name) of the Oracle server if the database server runs on a different host.

Disable backup page

The built-in backup/restore functionality only works with a locally configured PostgreSQL database. The web GUI backup option can be disabled by adding the following option to the tomcat options:

-Dciphermail.backup.enabled=false

The option should be added to the tomcat default settings file

Ubuntu/Debian

sudo bash -c 'echo "JAVA_OPTS=\"\$JAVA_OPTS \
-Dciphermail.backup.enabled=false\"" >> /etc/default/tomcat8'

RedHat/CentOS

Add the option -Dciphermail.backup.enabled=false to the last JAVA_OPTS line in the tomcat config file:

vi /etc/sysconfig/tomcat

The last JAVA_OPTS line should look similar to:

JAVA_OPTS="-Ddjigzo-web.home=/usr/share/djigzo-web -Djava.awt.headless=true -Xmx128M
 -Dciphermail.backup.enabled=false"

Restart services

Ubuntu/Debian

sudo systemctl restart ciphermail-gateway-backend
sudo systemctl restart tomcat8

RedHat/CentOS

systemctl restart ciphermail-gateway-backend
systemctl restart tomcat

Check log file to see whether the back-end starts without any errors:

sudo journalctl -u ciphermail-gateway-backend