This chapter provides descriptions of custom WebLogic Scripting Tool (WLST) commands for Oracle Fusion Middleware SSL, including command syntax, arguments and examples.
The following section lists the Oracle Fusion Middleware SSL WLST commands and contains links to the command reference details.
Use the WLST commands listed in Table 2-1 to view and manage SSL configuration for Oracle Fusion Middleware components.
Table 2-1 WLST Commands for SSL Configuration
Use this command... | To... | Use with WLST... |
---|---|---|
Generate a certificate signing request in an Oracle wallet. |
Online |
|
Add a self-signed certificate to an Oracle wallet. |
Online |
|
Change the password to a JKS keystore. |
Online |
|
Change the password to an Oracle wallet. |
Online |
|
Set the SSL attributes for a component listener. |
Online |
|
Create a JKS keystore. |
Online |
|
Create an Oracle wallet. |
Online |
|
Delete a JKS keystore. |
Online |
|
Delete an Oracle wallet. |
Online |
|
Export a JKS keystore to a file. |
Online |
|
Export an object from a JKS keystore to a file. |
Online |
|
Export an Oracle wallet to a file. |
Online |
|
Export an object from an Oracle wallet to a file. |
Online |
|
Generate a key pair in a JKS keystore. |
Online |
|
Display a certificate or other object present in a JKS keystore. |
Online |
|
Display the SSL attributes for a component listener. |
Online |
|
Display a certificate or other object present in an Oracle wallet. |
Online |
|
Import a JKS keystore from a file. |
Online |
|
Import a certificate or other object from a file to a JKS keystore. |
Online |
|
Import an Oracle wallet from a file. |
Online |
|
Import a certificate or other object from a file to an Oracle wallet. |
Online |
|
List all objects present in a JKS keystore. |
Online |
|
List all JKS keystores configured for a component instance. |
Online |
|
List all objects present in an Oracle wallet. |
Online |
|
List all Oracle wallets configured for a component instance. |
Online |
|
Remove a certificate or other object from a component instance's JKS keystore. |
Online |
|
Remove a certificate or other object from a component instance's Oracle wallet. |
Online |
For more information, see the Oracle Fusion Middleware Administrator's Guide.
Online command that generates a certificate signing request in an Oracle wallet.
This command generates a certificate signing request in Base64 encoded PKCS#10 format in an Oracle wallet for a component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory). To get a certificate signed by a certificate authority (CA), send the certificate signing request to your CA.
addCertificateRequest(instName, compName, compType, walletName, password, DN, keySize)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
DN |
Specifies the Distinguished Name of the key pair entry. |
keySize |
Specifies the key size in bits. |
The following command generates a certificate signing request with DN cn=www.example.com
and key size 1024
in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> addCertificateRequest('inst1', 'oid1', 'oid','wallet1', 'password', 'cn=www.example.com', '1024')
Online command that adds a self-signed certificate.
This command creates a key pair and wraps it in a self-signed certificate in an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory). Only keys based on the RSA algorithm are generated.
addSelfSignedCertificate(instName, compName, compType, walletName, password, DN, keySize)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
DN |
Specifies the Distinguished Name of the key pair entry. |
keySize |
Specifies the key size in bits. |
The following command adds a self-signed certificate with DN cn=www.example.com
, key size 1024
to wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1:
wls:/mydomain/serverConfig> addSelfSignedCertificate('inst1', 'oid1', 'oid','wallet1', 'password', 'cn=www.example.com', '1024')
Online command that changes the keystore password.
This command changes the password of a Java Keystore (JKS) file for an Oracle Virtual Directory instance.
changeKeyStorePassword(instName, compName, compType, keystoreName, currPassword, newPassword)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the file name of the keystore. |
currPassword |
Specifies the current keystore password. |
newPassword |
Specifies the new keystore password. |
Online command that changes the password of an Oracle wallet.
This command changes the password of an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory). This command is only applicable to password-protected wallets.
changeWalletPassword(instName, compName, compType, walletName,currPassword, newPassword)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'oid', 'ohs', and 'webcache'. |
walletName |
Specifies the file name of the wallet. |
currPassword |
Specifies the current wallet password. |
newPassword |
Specifies the new wallet password. |
Online command that sets SSL attributes.
This command sets the SSL attributes for a component listener. The attributes are specified in a properties file format (name=value). If a properties file is not provided, or it does not contain any SSL attributes, default attribute values are used. For component-specific SSL attribute value defaults, see the chapter "SSL Configuration in Oracle Fusion Middleware" in the Oracle Fusion Middleware Administrator's Guide.
configureSSL(instName, compName, compType, listener, filePath)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'oid', 'ovd', ohs', and 'webcache'. |
listener |
Specifies the name of the component listener to be configured for SSL. |
filePath |
Specifies the absolute path of the properties file containing the SSL attributes to set. |
The following command configures SSL attributes specified in the properties file /tmp/ssl.properties
for Oracle Virtual Directory instance ovd1
in application server instance inst1
, for listener listener1
:
wls:/mydomain/serverConfig> configureSSL('inst1', 'ovd1', 'ovd', 'listener1','/tmp/ssl.properties')
The following command configures SSL attributes without specifying a properties file. Since no file is provided, the default SSL attribute values are used:
wls:/mydomain/serverConfig> configureSSL('inst1', 'ovd1', 'ovd', 'listener2')
Online command that creates a JKS keystore.
This command creates a Java keystore (JKS) for the specified Oracle Virtual Directory instance. For keystore file location and other information, see the chapter "Managing Keystores, Wallets, and Certificates" in the Oracle Fusion Middleware Administrator's Guide.
createKeyStore(instName, compName, compType, keystoreName, password)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the file name of the keystore file to be created. |
password |
Specifies the keystore password. |
Online command that creates an Oracle wallet.
This command creates an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory). Wallets can be of password-protected or auto-login type. For wallet details, see the chapter "Managing Keystores, Wallets, and Certificates" in the Oracle Fusion Middleware Administrator's Guide.
createWallet(instName, compName, compType, walletName, password)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'oid', 'ohs', and 'webcache'. |
walletName |
Specifies the name of the wallet file to be created. |
password |
Specifies the wallet password. |
The following command creates a wallet named wallet1
with password password
, for Oracle HTTP Server instance ohs1
in application server instance inst1
:
wls:/mydomain/serverConfig> createWallet('inst1', 'ohs1', 'ohs','wallet1', 'password')
The following command creates an auto-login wallet named wallet2
for Oracle WebCache instance wc1
, in application server instance inst1
:
wls:/mydomain/serverConfig> createWallet('inst1', 'wc1', 'webcache','wallet2', '')
Online command that deletes a keystore.
deleteKeyStore(instName, compName, compType, keystoreName)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore file to delete. |
Online command that deletes an Oracle wallet.
This command deletes an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory).
deleteWallet(instName, compName, compType, walletName)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'oid', 'ohs', and 'webcache'. |
walletName |
Specifies the name of the wallet file to be deleted. |
Online command that exports the keystore to a file.
This command exports a keystore, configured for the specified Oracle Virtual Directory instance, to a file under the given directory. The exported file name is the same as the keystore name.
exportKeyStore(instName, compName, compType, keystoreName, password, path)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore file. |
password |
Specifies the password of the keystore. |
path |
Specifies the absolute path of the directory under which the keystore is exported. |
Online command that exports an object from a keystore to a file.
This command exports a certificate signing request, certificate/certificate chain, or trusted certificate present in a Java keystore (JKS) to a file for the specified Oracle Virtual Directory instance. The certificate signing request is generated before exporting the object. The alias specifies the object to be exported.
exportKeyStoreObject(instName, compName, compType, keystoreName, password, type, path, alias)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore file. |
password |
Specifies the password of the keystore. |
type |
Specifies the type of the keystore object to be exported. Valid values are 'CertificateRequest', 'Certificate', 'TrustedCertificate' and 'TrustedChain'. |
path |
Specifies the absolute path of the directory under which the object is exported as a file named base64.txt. |
alias |
Specifies the alias of the keystore object to be exported. |
The following command generates and exports a certificate signing request from the key-pair indicated by alias mykey
in keys.jks
, for Oracle Virtual Directory instance ovd1
in application server instance inst1
. The certificate signing request is exported under the directory /tmp
:
wls:/mydomain/serverConfig> exportKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'CertificateRequest', '/tmp','mykey')
The following command exports a certificate or certificate chain indicated by alias mykey
in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
. The certificate or certificate chain is exported under the directory /tmp
:
wls:/mydomain/serverConfig> exportKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'Certificate', '/tmp','mykey')
The following command exports a trusted certificate indicated by alias mykey
in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
. The trusted certificate is exported under the directory /tmp
:
wls:/mydomain/serverConfig> exportKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'TrustedCertificate', '/tmp','mykey')
Online command that exports an Oracle wallet.
This command exports an Oracle wallet, configured for a specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory), to file(s) under the given directory. If the exported file is an auto-login only wallet, the file name is 'cwallet.sso'. If it is password-protected wallet, two files are created: 'ewallet.p12' and 'cwallet.sso'.
exportWallet(instName, compName, compType, walletName,password, path)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'oid', 'ohs', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
path |
Specifies the absolute path of the directory under which the object is exported. |
The following command exports auto-login wallet wallet1
for Oracle Internet Directory instance oid1
to file cwallet.sso
under /tmp
:
wls:/mydomain/serverConfig> exportWallet('inst1', 'oid1', 'oid', 'wallet1','','/tmp')
The following command exports password-protected wallet wallet2
for Oracle Internet Directory instance oid1
to two files, ewallet.p12
and cwallet.sso
, under /tmp
:
wls:/mydomain/serverConfig> exportWallet('inst1', 'oid1', 'oid', 'wallet2', 'password', '/tmp')
Online command that exports a certificate or other wallet object to a file.
This command exports a certificate signing request, certificate, certificate chain or trusted certificate present in an Oracle wallet to a file for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory). DN is used to indicate the object to be exported.
exportWalletObject(instName, compName, compType, walletName, password, type, path, DN)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
type |
Specifies the type of wallet object to be exported. Valid values are 'CertificateRequest', 'Certificate', 'TrustedCertificate' or 'TrustedChain'. |
path |
Specifies the absolute path of the directory under which the object is exported as a file base64.txt. |
DN |
Specifies the Distinguished Name of the wallet object being exported. |
The following command exports a certificate signing request with DN cn=www.example.com
in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
. The certificate signing request is exported under the directory /tmp
:
wls:/mydomain/serverConfig> exportWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'CertificateRequest', '/tmp','cn=www.example.com')
The following command exports a certificate with DN cn=www.example.com
in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
. The certificate or certificate chain is exported under the directory /tmp
:
wls:/mydomain/serverConfig> exportWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'Certificate', '/tmp','cn=www.example.com')
The following command exports a trusted certificate with DN cn=www.example.com
in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
. The trusted certificate is exported under the directory /tmp
:
wls:/mydomain/serverConfig> exportWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'TrustedCertificate', '/tmp','cn=www.example.com')
The following command exports a certificate chain with DN cn=www.example.com
in wallet1
, for Oracle Internet Directory instance oid1,
in application server instance inst1
. The certificate or certificate chain is exported under the directory /tmp
:
wls:/mydomain/serverConfig> exportWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'TrustedChain', '/tmp','cn=www.example.com')
Online command that generates a key pair in a Java keystore.
This command generates a key pair in a Java keystore (JKS) for Oracle Virtual Directory. It also wraps the key pair in a self-signed certificate. Only keys based on the RSA algorithm are generated.
generateKey(instName, compName, compType, keystoreName, password, DN, keySize, alias, algorithm)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore. |
password |
Specifies the password of the keystore. |
DN |
Specifies the Distinguished Name of the key pair entry. |
keySize |
Specifies the key size in bits. |
alias |
Specifies the alias of the key pair entry in the keystore. |
algorithm |
Specifies the key algorithm. Valid value is 'RSA'. |
The following command generates a key pair with DN cn=www.example.com
, key size 1024
, algorithm RSA
and alias mykey
in keys.jks
, for Oracle Virtual Directory instance ovd1
in application server instance inst1
:
wls:/mydomain/serverConfig> generateKey('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'cn=www.example.com', '1024', 'mykey', 'RSA')
The following command is the same as above, except it does not explicitly specify the key algorithm:
wls:/mydomain/serverConfig> generateKey('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'cn=www.example.com', '1024', 'mykey')
Online command that shows details about a keystore object.
This command displays a specific certificate or trusted certificate present in a Java keystore (JKS) for Oracle Virtual Directory. The keystore object is indicated by its index number, as given by the listKeyStoreObjects
command. It shows the certificate details including DN, key size, algorithm, and other information.
getKeyStoreObject(instName, compName, compType, keystoreName, password, type, index)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore file. |
password |
Specifies the password of the keystore. |
type |
Specifies the type of the keystore object to be listed. Valid values are 'Certificate' and 'TrustedCertificate'. |
index |
Specifies the index number of the keystore object as returned by the listKeyStoreObjects command. |
The following command shows a trusted certificate with index 1
present in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
:
wls:/mydomain/serverConfig> getKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'TrustedCertificate', '1')
The following command shows a certificate with index 1
present in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
:
wls:/mydomain/serverConfig> getKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'Certificate', '1')
Online command that lists the configured SSL attributes.
This command lists the configured SSL attributes for the specified component listener. For Oracle Internet Directory, the listener name is always sslport1
.
getSSL(instName, compName, compType, listener)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ovd', 'oid', 'ohs', and 'webcache'. |
listener |
Specifies the name of the component listener. |
Online command that displays information about a certificate or other object in an Oracle wallet.
This command displays a specific certificate signing request, certificate or trusted certificate present in an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory). The wallet object is indicated by its index number, as given by the listWalletObjects
command. For certificates or trusted certificates, it shows the certificate details including DN, key size, algorithm and other data. For certificate signing requests, it shows the subject DN, key size and algorithm.
getWalletObject(instName, compName, compType, walletName, password, type, index)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
type |
Specifies the type of wallet object to be exported. Valid values are 'CertificateRequest', 'Certificate', and 'TrustedCertificate'. |
index |
Specifies the index number of the wallet object as returned by the listWalletObjects command. |
The following command shows certificate signing request details for the object with index 0
present in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> getKeyStoreObject('inst1', 'oid1', 'oid','wallet1','password', 'CertificateRequest', '0')
The following command shows certificate details for the object with index 0
present in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> getKeyStoreObject('inst1', 'oid1', 'oid','wallet1','password', 'Certificate', '0')
The following command shows trusted certificate details for the object with index 0
, present in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> getKeyStoreObject('inst1', 'oid1', 'oid','wallet1','password', 'TrustedCertificate', '0')
Online command that imports a keystore from a file.
This command imports a Java keystore (JKS) from a file to the specified Oracle Virtual Directory instance for manageability. The component instance name must be unique.
importKeyStore(instName, compName, compType, keystoreName, password, filePath)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore being imported. This name must be unique for this component instance. |
password |
Specifies the password of the keystore. |
filePath |
Specifies the absolute path of the keystore file to be imported. |
Online command that imports an object from a file to a keystore.
This command imports a certificate, certificate chain, or trusted certificate into a Java keystore (JKS) for Oracle Virtual Directory, assigning it the specified alias which must be unique in the keystore. If a certificate or certificate chain is being imported, the alias must match that of the corresponding key-pair.
importKeyStoreObject(instName, compName, compType, keystoreName, password, type, filePath, alias)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore. |
password |
Specifies the password of the keystore. |
type |
Specifies the type of the keystore object to be imported. Valid values are 'Certificate' and 'TrustedCertificate'. |
filePath |
Specifies the absolute path of the file containing the keystore object. |
alias |
Specifies the alias to assign to the keystore object to be imported. |
The following command imports a certificate or certificate chain from file cert.txt
into keys.jks
, using alias mykey
for Oracle Virtual Directory instance ovd1,
in application server instance inst1
. The file keys.jks
must already have an alias mykey
for a key-pair whose public key matches that in the certificate being imported:
wls:/mydomain/serverConfig> > importKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'Certificate','/tmp/cert.txt', 'mykey')
The following command imports a trusted certificate from file trust.txt
into keys.jks
using alias mykey1
, for Oracle Virtual Directory instance ovd1
in application server instance inst1
:
wls:/mydomain/serverConfig> importKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'TrustedCertificate','/tmp/trust.txt', 'mykey1')
Online command that imports an Oracle wallet from a file.
This command imports an Oracle wallet from a file to the specified component instance (Oracle HTTP Server, Oracle WebCache, or Oracle Internet Directory) for manageability. If the wallet being imported is an auto-login wallet, the file path must point to cwallet.sso
; if the wallet is password-protected, it must point to ewallet.p12
. The wallet name must be unique for the component instance.
importWallet(instName, compName, compType, walletName, password, filePath)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet being imported. The name must be unique for the component instance. |
password |
Specifies the password of the wallet. |
filePath |
Specifies the absolute path of the wallet file being imported. |
The following command imports auto-login wallet file /tmp/cwallet.sso
as wallet1
into Oracle Internet Directory instance oid1
. Subsequently, the wallet is managed with the name wallet1
. No password is passed since it is an auto-login wallet:
wls:/mydomain/serverConfig> importWallet('inst1', 'oid1', 'oid', 'wallet1', '', '/tmp/cwallet.sso')
The following command imports password-protected wallet /tmp/ewallet.p12
as wallet2
into Oracle Internet Directory instance oid1
. Subsequently, the wallet is managed with the name wallet2
. The wallet password is passed as a parameter:
wls:/mydomain/serverConfig> importWallet('inst1', 'oid1', 'oid', 'wallet2', 'password', '/tmp/ewallet.p12')
Online command that imports a certificate or other object into an Oracle wallet.
This command imports a certificate, trusted certificate or certificate chain into an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache component or Oracle Internet Directory).When importing a certificate, use the same wallet file from which the certificate signing request was generated.
importWalletObject(instName, compName, compType, walletName, password, type, filePath)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
type |
Specifies the type of wallet object to be imported. Valid values are 'Certificate', 'TrustedCertificate' and 'TrustedChain'. |
filePath |
Specifies the absolute path of the file containing the wallet object. |
The following command imports a certificate chain in PKCS#7 format from file chain.txt
into wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> importWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'TrustedChain','/tmp/chain.txt')
The following command imports a certificate from file cert.txt
into wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> importWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'Certificate','/tmp/cert.txt')
The following command imports a trusted certificate from file trust.txt
into wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> importWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'TrustedCertificate','/tmp/trust.txt')
Online command that lists the contents of a keystore.
This command lists all the certificates or trusted certificates present in a Java keystore (JKS) for Oracle Virtual Directory.
listKeyStoreObjects(instName, compName, compType, keystoreName, password, type)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore file. |
password |
Specifies the password of the keystore. |
type |
Specifies the type of keystore object to be listed. Valid values are 'Certificate' and 'TrustedCertificate'. |
The following command lists all trusted certificates present in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
:
wls:/mydomain/serverConfig> listKeyStoreObjects('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'TrustedCertificate')
The following command lists all certificates present in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
:
wls:/mydomain/serverConfig> listKeyStoreObjects('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'Certificate')
Online command that lists all the keystores for a component.
This command lists all the Java keystores (JKS) configured for the specified Oracle Virtual Directory instance.
listKeyStores(instName, compName, compType)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance |
compType |
Specifies the type of component. Valid value is 'ovd'. |
Online command that lists all objects in an Oracle wallet.
This command lists all certificate signing requests, certificates, or trusted certificates present in an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory).
listWalletObjects(instName, compName, compType, walletName, password, type)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
type |
Specifies the type of wallet object to be listed. Valid values are 'CertificateRequest', 'Certificate', and 'TrustedCertificate'. |
The following command lists all certificate signing requests in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> > listWalletObjects('inst1', 'oid1', 'oid','wallet1','password', 'CertificateRequest')
The following command lists all certificates in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> listWalletObjects('inst1', 'oid1', 'oid','wallet1','password', 'Certificate')
The following command lists all trusted certificates in wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> listWalletObjects('inst1', 'oid1', 'oid','wallet1','password', 'TrustedCertificate')
Online command that lists all wallets configured for a component instance.
This command displays all the wallets configured for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory), and identifies the auto-login wallets.
listWallets(instName, compName, compType)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
Online command that removes an object from a keystore.
This command removes a certificate request, certificate, trusted certificate, or all trusted certificates from a Java keystore (JKS) for Oracle Virtual Directory. Use an alias to remove a specific object; no alias is needed if all trusted certificates are being removed.
removeKeyStoreObject(instName, compName, compType, keystoreName, password, type, alias)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid value is 'ovd'. |
keystoreName |
Specifies the name of the keystore file. |
password |
Specifies the password of the keystore. |
type |
Specifies the type of the keystore object to be removed. Valid values are 'Certificate', 'TrustedCertificate' or 'TrustedAll'. |
alias |
Specifies the alias of the keystore object to be removed. |
The following command removes a certificate or certificate chain denoted by alias mykey
in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
:
wls:/mydomain/serverConfig> removeKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'Certificate','mykey')
The following command removes a trusted certificate denoted by alias mykey
in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
:
wls:/mydomain/serverConfig> removeKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'TrustedCertificate','mykey')
The following command removes all trusted certificates in keys.jks
, for Oracle Virtual Directory instance ovd1
, in application server instance inst1
. Since no alias is required, the value None
is passed for that parameter:
wls:/mydomain/serverConfig> removeKeyStoreObject('inst1', 'ovd1', 'ovd','keys.jks', 'password', 'TrustedAll',None)
Online command that removes a certificate or other object from an Oracle wallet.
This command removes a certificate signing request, certificate, trusted certificate or all trusted certificates from an Oracle wallet for the specified component instance (Oracle HTTP Server, Oracle WebCache or Oracle Internet Directory). DN is used to indicate the object to be removed.
removeWalletObject(instName, compName, compType, walletName, password, type, DN)
Argument | Definition |
---|---|
instName |
Specifies the name of the application server instance. |
compName |
Specifies the name of the component instance. |
compType |
Specifies the type of component. Valid values are 'ohs', 'oid', and 'webcache'. |
walletName |
Specifies the name of the wallet file. |
password |
Specifies the password of the wallet. |
type |
Specifies the type of the keystore object to be removed. Valid values are 'CertificateRequest', 'Certificate', 'TrustedCertificate' or 'TrustedAll'. |
DN |
Specifies the Distinguished Name of the wallet object to be removed. |
The following command removes all trusted certificates from wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
. It is not necessary to provide a DN, so we pass null (denoted by None
) for the DN parameter:
wls:/mydomain/serverConfig> removeWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'TrustedAll',None)
The following command removes a certificate signing request indicated by DN cn=www.example.com
from wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> removeWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'CertificateRequest','cn=www.example.com')
The following command removes a certificate indicated by DN cn=www.example.com
from wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> removeWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'Certificate','cn=www.example.com')
The following command removes a trusted certificate indicated by DN cn=www.example.com
from wallet1
, for Oracle Internet Directory instance oid1
, in application server instance inst1
:
wls:/mydomain/serverConfig> removeWalletObject('inst1', 'oid1', 'oid','wallet1', 'password', 'TrustedCertificate','cn=www.example.com')