Import a CA-Issued SSL Certificate into the Oracle SOA Suite on Marketplace Instance

The first step is to import the CA-issued SSL certificate into the trust store being used in your server.

1. Log in to the Adminstration Server node as an oracle user.
2. Run an openssl command for the yahoo mail server:

   Mail Server	Command Used
   Yahoo	openssl s_client -connect smtp.mail.yahoo.com:465 > yahoocert.pem
   Office 365	openssl s_client -showcerts -starttls smtp -crlf -connect smtp.office365.com:587
   Microsoft Outlook	openssl s_client -showcerts -starttls smtp -connect smtp-mail.outlook.com:587
   Gmail	openssl s_client -connect smtp.gmail.com:465 > gmail-smtp-cert.pem

3. Make a copy of yahoocert.pem file. For example, cp yahoocert.pem yahoo.cer.
   1. Run the following command:

      Vi yahoo.cer

      The certificate is displayed.
   2. Keep only the certificate from BEGIN CERTIFICATE entry till END CERTIFICATE entry and remove all the unwanted lines to create the yahoo certificate.

   Note:

   In the case of Office 365, two certificates are presented. Run the following command to display the certificates:

    openssl s_client -showcerts -connect smtp.office365.com:587 -starttls smtp  </dev/null

   Save both the certificates as individual .cer files and import them to the keystore.

4. Add the certificate to the trust store being used in your Administration Server. By default the trust store used is Demotrust.jks. Use the following command to add the certificate created in the previous step to Demotrust.jks:

    keytool -import -alias smtp.yahoo.com -keystore /u01/app/oracle/middleware/wlserver/server/lib/DemoTrust.jks -file yahoo.cer -storepass DemoTrustKeyStorePassPhrase

5. Stop and then restart the Administration Server and Managed Servers. See Stop or Start WebLogic Servers.