1. SSH to the DB system, log in as opc, sudo to the oracle user, and log in to the database as SYS.

   sudo su - oracle
   . oraenv
   <provide the database SID at the prompt>
   sqlplus / as sysdba

2. Do one of the following:

   • To enable the console and set its port, use the following command.

     exec DBMS_XDB_CONFIG.SETHTTPSPORT(<port>);

     For example:

     exec DBMS_XDB_CONFIG.SETHTTPSPORT(5500);

   • To determine the port for a previously enabled console, use the following command.

     select dbms_xdb_config.getHttpsPort() from dual;

     For example:

     select dbms_xdb_config.getHttpsPort() from dual;

     Output:

     DBMS_XDB_CONFIG.GETHTTPSPORT()
     ------------------------------
                               5500

3. Return to the operating system by typing exit and then confirm that the listener is listening on the port:

   lsnrctl status | grep HTTP

   Output:

   (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=xxx.xx.xxxxxx.xxx)(PORT=5500))(Security=(my_wallet_directory=/u01/app/oracle/admin/prod/xdb_wallet))(Presentation=HTTP)(Session=RAW))

4. If you are using a 2-node RAC DB system, see Set the Required Permissions On a 2-node RAC DB System.
5. Open the console's port as described in Open Ports on the DB System.
6. Update the security list for the console's port as described in Update the Security List for the DB System.

If you're using a 2-node RAC DB system, you'll need to add read permissions for the asmadmin group on the wallet directory on both nodes in the system.

1. SSH to one of the nodes in the DB system, log in as opc, and sudo to the grid user.

   sudo su - grid
   . oraenv
   ORACLE_SID = [+ASM1] ?
   The Oracle base has been set to /u01/app/grid

2. Get the location of the wallet directory by executing the following command.

   lsnrctl status | grep xdb_wallet

   Output:

   (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=dbsysHost1.sub04061528182.dbsysapril6.oraclevcn.com)(PORT=5500))(Security=(my_wallet_directory=/u01/app/oracle/admin/dbsys12_phx3wm/xdb_wallet))(Presentation=HTTP)(Session=RAW))

3. Return to the opc user, switch to the oracle user, and change to the wallet directory.

   sudo su - oracle
   cd /u01/app/oracle/admin/dbsys12_phx3wm/xdb_wallet

4. List the directory contents and note the permissions.

   ls -ltr

   Output:

   total 8
   -rw------- 1 oracle asmadmin 3881 Apr  6 16:32 ewallet.p12
   -rw------- 1 oracle asmadmin 3926 Apr  6 16:32 cwallet.sso

5. Change the permissions:

   chmod 640 /u01/app/oracle/admin/dbsys12_phx3wm/xdb_wallet/*

6. Verify that read permissions were added.

   ls -ltr

   Output:

   total 8
   -rw-r----- 1 oracle asmadmin 3881 Apr  6 16:32 ewallet.p12
   -rw-r----- 1 oracle asmadmin 3926 Apr  6 16:32 cwallet.sso

7. Repeat the steps above on the other node in the cluster.

After you've enabled the Console and opened its port in the security list and iptables, you can connect as follows:

1. From a web browser, connect to the Console using the following URL format:

   https://<ip_address>:<port>/em

   For example, https://129.145.0.164:5500/em

   Use the DB system's private or public IP address depending on your network configuration.

   Use the private IP address to connect to the system from your on-premises network, or from within the Virtual Cloud Network (VCN). This includes connecting from a host located on-premises connecting through a VPN or FastConnect to your VCN, or from another host in the same VCN. Use the public IP address to connect to the system from outside the cloud (with no VPN). You can find the IP addresses in the Console as follows:

   • On the DB System Details page, under Resources, click Nodes.
   • The Public IP address and Private IP address & DNS name are displayed in the table columns.
2. A login page is displayed and you can log in with any valid database credentials.

   

3. The Database Home page is displayed.

   

To learn more about EM Express, see Introduction to Oracle Enterprise Manager Database Express.