Add a Certificate to the Load Balancer

When you create a domain with a load balancer, Oracle WebLogic Server for Oracle Cloud Infrastructure configures the load balancer to use Secure Socket Layer (SSL) and also adds a demonstration self-signed certificate. Oracle recommends you upload your own SSL certificate, and then associate the certificate with the HTTPS listener.

Note:

This procedure applies only to domains that were created after June 2020. For domains created before June 2020, see Configure SSL for a Domain.

You can use a custom, self-signed SSL certificate, or a certificate that you’ve obtained from a Certificate Authority (CA). For production WebLogic Server environments, Oracle recommends that you use a CA-issued SSL certificate, which reduces the chances of experiencing a man-in-the-middle attack.

  1. Access the Oracle Cloud Infrastructure console.
  2. From the navigation menu, select Networking, and then click Load Balancers.
  3. Select the Compartment in which the network resources for your domain were created.
    Depending on how the stack was initially created, this might be the same compartment that contains the compute instances for the domain.
  4. Click the load balancer that was provisioned as part of your stack, prefix-lb.
  5. Click Certificates.
  6. Click Add Certificate.
  7. Enter a name for your certificate.
  8. Either upload the certificate file, or paste its contents into the text area.
  9. If applicable, specify a CA certificate or a private key file.
    For example, if you are using a self-signed certificate, upload the corresponding private key file. See Managing SSL Certificates in the Oracle Cloud Infrastructure documentation.
  10. Click Add Certificate, and then click Close.
  11. After the certificate was successfully added, click Listeners.
  12. Edit the https listener.
  13. Select your new certificate.
  14. Click Save Changes, and then click Close.

You cannot modify an existing load balancer certificate. You must add a new certificate, and then associate the listener with the new certificate.