Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Configure X.509 certificate revocation checking in a domain

Before you begin

Configure the identity and trust keystores for WebLogic Server. See Configure identity and trust.

WebLogic Server’s JSSE implementation supports X.509 certificate revocation (CR) checking, which checks a certificate’s revocation status as part of the SSL certificate validation process. CR checking improves the security of certificate usage by ensuring that received certificates have not been revoked by the issuing certificate authority. By default, CR checking is disabled in WebLogic Server.

WebLogic Server's CR checking implementation includes both the Online Certificate Status Protocol (OCSP) and certificate revocation lists (CRLs). For more information, see X.509 Certificate Revocation Checking.

You can perform the following tasks to configure X.509 certificate revocation checking in a WebLogic domain:

Related Tasks

Related Topics

Back to Top