Tune OAG JVM

 

 Tune Policy Studio

Under oagpolicystudio directory there is a file policystudio.ini which contains the memory parameters for associated JVM for editor. For example, you can increase the Xmx value if your studio is too slow,

Tune Gateway

To tune JVM parameter in OAG server you need to play with jvm.xml. For example,

1. Heap-dump on ctrl-break <VMArg name="-agentlib:hprof=file=heap.out,format=b"/>

2. Heap Dump on OutOfMemoryException <VMArg name="-XX:+HeapDumpOnOutOfMemoryError"/>

3. Increase JVM Memory <VMArg name="-Xms1024m" /> <VMArg name="-Xmx1024m" />

 

 

Cipher Configuration

You might need to configure cipher under advanced SSL tab though it depends on project need. For example,

TLSv1:+HIGH:!SSLv2 RC4+MEDIUM:!LOW:!aNULL:!eNull:!NULL:!EXPORT56:!EXPORT40:@STRENGTH

Apart from that make sure,

1. Every policy needs to be mapped with relative path in OAG.

2. Remove all unused HTTP ports and interfaces.

3. Remove all unused policies which are excluded from project scope.

4. Remove all dummy connections to external entities.

5. Remove all the certs from cert store which are expired.

6. Remove all the users which are not allowed to access and configure OAG.

Dynamic SSL Configuration @OAG [Oracle API Gateway]

 

 Configuring Dynamic SSL Interface

Here SSL interface need to define by selecting appropriate port. For that you need a certificate and that needs to bind with SSL interface. Binding certificate with SSL port should be dynamic and certs will be picked up dynamically during runtime from environment variable. So in future if you want to bind another cert with SSL port you need not to change any code, just update environment property file.

For example,

Here X.509 Cert binds to environment variable and here is the excerpt for the same,

If you look at certificate with alias SSLCertServer has been created in OAG.

Notice the SSL port also accessing environment variable by ${env.PORT.INBOUND.SERVICES}.