Private keys, digital
certificates, and trusted certificate authority certificates establish
and verify identity and trust in the WebLogic Server environment.
WebLogic Server is configured with a default identity keystore
DemoIdentity.jks
and a default trust keystore
DemoTrust.jks
. In addition, WebLogic Server trusts the
certificate authorities in the cacerts
file in the JDK.
This default keystore configuration is appropriate for testing and
development purposes. However, these keystores should not be used in a
production environment.
Note: If you are using the demo certificates in a multi-server domain, Managed Server instances will fail to boot if you specify the fully-qualified DNS name. For information about this limitation and suggested workarounds, see Limitation on CertGen Usage in Securing Oracle WebLogic Server.
To configure identity and trust for a server:
Note: This release of WebLogic Server supports private keys and trusted CA certificates stored in files, or in the WebLogic Keystore provider for the purpose of backward compatibility only.
See Configure keystores and Configuration Options.
After you finish
After you configure identity and trust keystores for a WebLogic Server instance, you can configure its SSL attributes. These attributes describe the location of the identity key and certificate in the keystore specified on the Configuration: Keystores page. Use the Configuration: SSL page to specify this information. See Configuration Options.