Use this tab to configure a Keystore provider for a security realm. A Keystore is a mechanism designed to store password-protected store private keys. In the WebLogic Server security architecture, a Keystore provider is used to access keystores. WebLogic Server only supports the WebLogic Keystore provider.

Attribute Label	Description	Value Constraints
Name	The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration. Attribute: Name	Configurable: yes Readable: yes Writable: yes
Version	The version of the WebLogic Keystore provider. Attribute: Version	Default: "1.0" Readable: yes
Description	Default KeyStore Security provider that obtains secured private keys from KeyStores using the JavaSoft jks KeyStore provider type. Attribute: Description	Default: "Default KeyStore Security provider that obtains secured private keys from KeyStore." Readable: yes
Private Key Store Location	The location of a private Keystore. The default Keystore provider requires a directory and filename location that is either a complete filepath, or is relative to the server's root directory. Attribute: PrivateKeyStoreLocation	Default: "wlDefaultKeyStore.jks" Readable: yes
Private Key Store Pass Phrase	The password for the private Keystore that is specified by the PrivateKeyStoreLocationattribute. If you set a null value, no password is required to access the private Keystore. Attribute: PrivateKeyStorePassPhrase	Default: null Encrypted: yes Readable: yes
Root CAKey Store Location	The location of a Root Certificate Authority Keystore. The default Keystore provider requires a directory and filename location that is either a complete filepath, or relative to the server's root directory. If you set a null value, Weblogic Server defaults to loading the trusted Certificate Authorities that are in the installed JDK cacerts Keystore, which is JAVA_HOME/jre/lib/security/cacertsand the trusted Certificate Authorities defined by the SSL MBean, if specified. Attribute: RootCAKeyStoreLocation	Readable: yes
Root CAKey Store Pass Phrase	The password for the Root Certificate Authority Keystore that is specified by the RootCAKeyStoreLocation attribute. A Root Certificate Authority Keystore stores trusted Certificate Authorities. If you set a null value, no password is required to access the Root Certificate Authority KeyStore. This behavior may be overridden by the configured KeyStore implementation. For more information about legal values, refer to the documentation supplied by the Keystore security vendor. Attribute: RootCAKeyStorePassPhrase	Default: null Encrypted: yes Readable: yes
Type	The type of the Keystore implementation, as defined by the JavaSoft Cryptography Architecture specification. Set to null or an empty string to use the default keystore type configured in the java.security file. Attribute: Type	Default: "jks" Readable: yes

Attribute Label

Description

Value Constraints

Name

The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.

Attribute: Name

Configurable: yes

Readable: yes

Writable: yes

Version

The version of the WebLogic Keystore provider.

Attribute: Version

Default: "1.0"

Readable: yes

Description

Default KeyStore Security provider that obtains secured private keys from KeyStores using the JavaSoft jks KeyStore provider type.

Attribute: Description

Default: "Default KeyStore Security provider that obtains secured private keys from KeyStore."

Readable: yes

Private Key Store Location

The location of a private Keystore. The default Keystore provider requires a directory and filename location that is either a complete filepath, or is relative to the server's root directory.

Attribute: PrivateKeyStoreLocation

Default: "wlDefaultKeyStore.jks"

Readable: yes

Private Key Store Pass Phrase

The password for the private Keystore that is specified by the PrivateKeyStoreLocationattribute. If you set a null value, no password is required to access the private Keystore.

Attribute: PrivateKeyStorePassPhrase

Default: null

Encrypted: yes

Readable: yes

Root CAKey Store Location

The location of a Root Certificate Authority Keystore.

The default Keystore provider requires a directory and filename location that is either a complete filepath, or relative to the server's root directory.

If you set a null value, Weblogic Server defaults to loading the trusted Certificate Authorities that are in the installed JDK cacerts Keystore, which is JAVA_HOME/jre/lib/security/cacertsand the trusted Certificate Authorities defined by the SSL MBean, if specified.

Attribute: RootCAKeyStoreLocation

Readable: yes

Root CAKey Store Pass Phrase

The password for the Root Certificate Authority Keystore that is specified by the RootCAKeyStoreLocation attribute. A Root Certificate Authority Keystore stores trusted Certificate Authorities. If you set a null value, no password is required to access the Root Certificate Authority KeyStore. This behavior may be overridden by the configured KeyStore implementation.

For more information about legal values, refer to the documentation supplied by the Keystore security vendor.

Attribute: RootCAKeyStorePassPhrase

Default: null

Encrypted: yes

Readable: yes

Type

The type of the Keystore implementation, as defined by the JavaSoft Cryptography Architecture specification. Set to null or an empty string to use the default keystore type configured in the java.security file.

Attribute: Type

Default: "jks"

Readable: yes