You will need a private key and a certificate (in DER format). The certificate can be self-signed for testing.
The suggested location for the certificate/key files is /home/oracle/keystorevi /u01/app/ords/conf/ords/standalone/standalone.properties
Append the following...
# SSL Confile
jetty.secure.port=8443
ssl.cert=/home/oracle/keystore/ordscert.der
ssl.cert.key=/home/oracle/keystore/ordskey.der
ssl.host=delphi
Restart ORDS
/u01/dba/ords/scripts/stop_ords.sh
/u01/dba/ords/scripts/start_ords.sh
There are issues running standalone ORDS with SSL on AIX due to all IBM cipher suite names begin with SSL_ even though the RFC standard says some should begin with TLS_. Jetty auto excludes names beginning with SSL (Our exclusion of ^SSL_.*$ is to comply with our stated goal of being up to date with industry practices of not allowing use of vulnerable Cipher Suites). It is possible to override this in a standard Jetty install but the way Oracle have embedded Jetty into the ords.war file makes this very difficult to address. (Theoretically you could extract the WAR file contents, update the config, and recreate the WAR file, but this feels too risky for a production environment).
https://github.com/eclipse/jetty.project/issues/2921 https://stackoverflow.com/questions/58857846/is-there-a-way-to-make-the-ibm-jvm-use-standard-rfc-cipher-suite-names