Skip navigation.

eDocs Home > BEA WebLogic Server 8.1 Documentation > WebLogic Server Command Reference > Using the WebLogic Server Java Utilities

WebLogic Server Command Reference

  Previous Next vertical dots separating previous/next from contents/index/pdf Contents Index View as PDF   Get Adobe Reader

 

ValidateCertChain

WebLogic Server provides the ValidateCertChain utility to check whether or not an existing certificate chain will be rejected by WebLogic Server. The utility uses certificate chains from PEM files, PKCS-12 files, PKCS-12 keystores, and JKS keystores. A complete certificate chain must be used with the utility. The following is the syntax for the ValidateCertChain utility:

java utils.ValidateCertChain -file pemcertificatefilenamejava utils.ValidateCertChain -pem pemcertificatefilenamejava utils.ValidateCertChain -pkcs12store pkcs12storefilenamejava utils.ValidateCertChain -pkcs12file pkcs12filename passwordjava utils.ValidateCertChain -jks alias storefilename [storePass]

Example of valid certificate chain:

java utils.ValidateCertChain -pem zippychain.pemCert[0]: CN=zippy,OU=FOR TESTINGONLY,O=MyOrganization,L=MyTown,ST=MyState,C=USCert[1]: CN=CertGenCAB,OU=FOR TESTINGONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US

Certificate chain appears valid

Example of invalid certificate chain:

java utils.ValidateCertChain -jks mykey mykeystoreCert[0]: CN=corba1,OU=FOR TESTING ONLY, O=MyOrganization,L=MyTown,ST=MyState,C=US

CA cert not marked with critical BasicConstraint indicating it is a CACert[1]: CN=CACERT,OU=FOR TESTING ONLY, O=MyOrganization,L=MyTown,ST=MyState,C=USCertificate chain is invalid

 

Skip navigation bar  Back to Top Previous Next