About Creating CA Third-Party Signed Certificates

Note: This section assumes that no SSL certificates have previously been generated on or imported into the servers. If pre-existing certificates exist on the system (besides the default tomcat certificate, which you must keep), contact My Oracle Support (MOS) to determine their purpose and importance. Read this section in its entirety before starting the operations.
To create CA third-party certificates, execute the following procedures:
  1. Deleting an SSL Certificate
  2. Generating a Certificate Signature Request
  3. Exporting the Certificate Signature Request from the System
  4. Provide the Certificate Signature Request to the third party who signs and returns the certificate request.
  5. Importing Third-party Peer Certificates
  6. Importing the Third-party Signed Certificates
  7. Synchronizing and Rebooting the Cluster