Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Configure identity and trust


Private keys, digital certificates, and trusted certificate authority certificates establish and verify identity and trust in the WebLogic Server environment. WebLogic Server is configured with a default identity keystore DemoIdentity.jks and a default trust keystore DemoTrust.jks. In addition, WebLogic Server trusts the certificate authorities in the cacerts file in the JDK. This default keystore configuration is appropriate for testing and development purposes. However, these keystores should not be used in a production environment.

Note: If you are using the demo certificates in a multi-server domain, Managed Server instances will fail to boot if you specify the fully-qualified DNS name. For information about this limitation and suggested workarounds, see Limitation on CertGen Usage in Securing Oracle WebLogic Server.

To configure identity and trust for a server:

  1. Obtain digital certificates, private keys, and trusted CA certificates from the CertGen utility, Sun Microsystem’s keytool utility, or a reputable vendor such as Entrust or Verisign. You can also use the digital certificates, private keys, and trusted CA certificates provided by the WebLogic Server kit. The demonstration digital certificates, private keys, and trusted CA certificates should be used in a development environment only.
  2. Store the private keys, digital certificates, and trusted CA certificates. Private keys and trusted CA certificates are stored in a keystore.

    Note: This release of WebLogic Server supports private keys and trusted CA certificates stored in files, or in the WebLogic Keystore provider for the purpose of backward compatibility only.

  3. Configure the identity and trust keystores for a WebLogic Server instance on the Configuration: Keystores page.

    See Configure keystores and Configuration Options.

After you finish

After you configure identity and trust keystores for a WebLogic Server instance, you can configure its SSL attributes. These attributes describe the location of the identity key and certificate in the keystore specified on the Configuration: Keystores page. Use the Configuration: SSL page to specify this information. See Configuration Options.

Related Tasks

Related Topics


Back to Top