Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Configure Certification Path Providers

Before you begin

Understand the role of certificates in identity and trust, as described in Identity and Trust and Configuring Identity and Trust.


A Certification Path provider completes and validates certificate chains by using trusted CA based checking. The provider checks the signatures in the chain, ensures that the chain has not expired, and confirms that one of the certificates in the chain is issued by one of the server’s trusted CAs. If any of these checks fail, the chain is not valid. Optionally, the provider checks the certificate chain’s basic constraints.

WebLogic Server includes the following Certification Path providers:

  • Certificate Registry
  • WebLogic Certification Path provider
For information about the features of these providers, see Configuring the Credential Lookup and Validation Framework.

To configure a Certification Path provider:

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
  2. In the left pane, select Security Realms and click the name of the realm you are configuring (for example, myrealm).
  3. Select Providers > Certification Path.

    The Certification Path Providers table lists the Certification Path providers configured in this security realm.

  4. Click New.

    The Create a New Certification Path Provider page appears.

  5. From the Type drop-down list, select the type of Certification Path provider and click Next.
  6. In the Name field, enter a name for the Certification Path provider and click Next.
  7. On the Select a Certification Path Builder page, either keep the existing builder or replace it with the potential one, and click Finish.
  8. In the Change Center, click Activate Changes and then restart WebLogic Server.

After you finish

To make the new Certification Path provider the current builder of certificate chains for this realm, select Providers > Certification Path and click on the name of the Certification Path provider. Check the Current Builder box.


Back to Top