1. Security Configuration Guide
  2. SSL-Enabling EPM System Components
  3. Full SSL Deployment of EPM System
  4. Configuring EPM System for Full SSL
  5. Optional: Installing Root CA Certificate for WebLogic Server

Optional: Installing Root CA Certificate for WebLogic Server

The root certificates of most well-known third-party CAs are already installed in the JVM keystore. Complete the procedures in this section if you are not using certificates from a well-known third-party CA (not recommended). Default JVM keystore location is MIDDLEWARE_HOME/jdk/jre/lib/security/cacerts.

Note:

Perform this procedure on each Oracle Enterprise Performance Management System server.

To install the root CA certificate:

  1. Copy the root CA certificate into a local directory on the machine where Oracle WebLogic Server is installed.
  2. From a console, change directory to MIDDLEWARE_HOME/jdk/jre/bin.
  3. Execute a keytool command such as the following to install the root CA certificate into the JVM keystore:
    keytool -import -alias ALIAS -file CA_CERT_FILE -keystore KEYSTORE -storepass KEYSTORE_PASSWORD -trustcacerts

    For example, you can use the following command to add a certificate CAcert.crt stored in the current directory into the JVM keystore with Blister as the certificate alias in the keystore. Storepass example_pwd is assumed. 

    keytool -import -alias Blister -file CAcert.crt -keystore ../lib/security/cacerts -storepass example_pwd -trustcacerts

    Note:

    The preceding command and example use some of the syntax for importing certificates using keytool. See keytool documentation for a complete list of import syntax.