1. Using Oracle Java Cloud Service - SaaS Extension
  2. Administering Instances with the JCS-SaaS Extension Administration Console
  3. Working with the Java Cloud Service - SaaS Extension Administration Console
  4. Managing Certificates on the SSL Certificates Page

Managing Certificates on the SSL Certificates Page

Use this page to view and manage the SSL certificates.

Description of res_ui_ssl_certs.png follows
Description of the illustration res_ui_ssl_certs.png

This page allows you to add and remove SSL truststore certificates to a service instance. Once added, you can view important information about each certificate. Adding an SSL certificate to the SSL truststore requires a service restart for the changes to take effect. Oracle does not support the use of special characters in the alias name of WebLogic SSL truststore certificates.

Page Functionality

You can perform the following tasks on this page:
  • Add New; add a new certificate:

    1. Click Add New to open the Add New dialog for SSL certificates.

      Description of res_ui_add_new_ssl_certs.png follows
      Description of the illustration res_ui_add_new_ssl_certs.png

    2. Enter an Alias then click Choose File.

    3. Navigate to the file location for the desired certificate, select the certificate, and click OK (or whatever dismisses the file system’s Find dialog)..

      The selected certificate name appears in the Add New dialog’s Certificatefield.

    4. Click OK.

      The certificate is added and appears on the certificates table.

  • Delete; delete a certificate:

    1. Select the certificate you want to delete and click Delete.

    2. Click OK to confirm the deletion.

  • Download; downloads a selected certificate to your local file system.

Other controls on the page also allow you to refresh the page (Refresh Button and list aliases based on specific filtering criteria (Filter Content). Data source aliases are displayed in a table as a key:value pair.

Certificate Details

The body of this page shows the details of the SSL truststore certificates applied to the service instance.

  • Alias; the certificate's alias.

  • Expiry; the date the certificate expires.

  • Serial Number; the serial number that identifies the certificate.

  • Distinguished Name; a complex name for the certificate. This name identifies such the certificate authority, the certificate organization, that organization’s URL, and the certificate authority’s location.

Supported Certificate File Formats

Java Cloud Service - SaaS Extension supports three certificate file formats:

  • Single certificates appear in DER binary format.

  • One or more certificates can appear in PEM format. The base64-encoded content of certificates is printed in base64–encoded format with the alias for each certificate shown in custom headers in the .pem file itself; for example: 

    alias: orakey

-----BEGIN CERTIFICATE-----
MIICXjCCAcegAwIBAgIIHiLb185PqPEwDQYJKoZIhvcNAQEFBQAwVzETMBEGCgmS
JomT8ixkARkWA2NvbTEWMBQGCgmSJomT8ixkARkWBm9yYWNsZTEVMBMGCgmSJomT
8ixkARkWBWNsb3VkMREwDwYDVQQDEwhDbG91ZDlDQTAeFw0xNDExMjExNzI5NDBa
Fw0yNDExMTgxNzI5NDBaMGkxEzARBgoJkiaJk/IsZAEZFgNjb20xFjAUBgoJkiaJ
k/IsZAEZFgZvcmFjbGUxFTATBgoJkiaJk/IsZAEZFgVjbG91ZDEjMCEGA1UEAwwa
dXNvcmFsY2V0cmlhbDExNjA4X2phdmFzdmMwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
MIGJAoGBAIbdlnsA5WTec3O9fjpsLTO4XPHTtK9Hy6wnIwYdX8hP3K+epNs7s7rc
IvHZ1m6vIw0KSDyOOCnrqvf4pjFdDuO2F45FGy+aAdsQkhdIpwhWzRQSRyUdVFcl
8fCYuQROJUSbp8P0dXbLbUYGBbiuODZbFLZfSzUigu/pklNTvXupAgMBAAGjITAf
MB0GA1UdDgQWBBRcuDYi93M53tlBKDl4yyrmWv0SjTANBgkqhkiG9w0BAQUFAAOB
gQA3RexPCqjf2ovOs93UD3jVWiSg7J0VQs3FRTYs3WC84B1XrXq50WCJ0/yY/NVP
GYDAXDzmS8HHVw+jI/CptAYNISeGD0Rzg8f6uub76Ny5A97ULckLHTCNJNIKWk/0
PIScXS93Ka7X6zUmLjqWWOUR1/oY/tLiqy/R7Tzs5ftl7w==
-----END CERTIFICATE-----
alias: entrustpremium

-----BEGIN CERTIFICATE-----
MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0xOTEy
MjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp

  • One or more certificates can appear in JKS format. Multiple certificates appear in the JKS file, listed by their respective aliases, but are otherwise in binary format.