Import Security Certificates into the KeyStore

To import and configure the security certificate (example: Oracle Utilities Meter Data Management certificate):

Important! Make sure that you copy/paste the commands in Notepad to remove extra spaces, if any.

1. Export the certificate and save it on the integration server to add it to the key store.

Example: /tmp/mdmdemocert.cer

2. Create a new keystore (for example: UtilitiesIntegration.jks for importing the certificates.

Linux:

keytool -genkey -keystore /Oracle/Middleware/Oracle_Home/wlserver/ server/lib/UtilitiesIntegration.jks -storepass <keystore password>

Windows:

keytool -genkey -keystore C:\Oracle\Middleware\Oracle_Home\wlserver\UtilitiesIntegration. jks

-storepass <keystore password>

3. Import the certificates into the trust store created in step 2.

Linux:

keytool -import -file /tmp/mdmdemocert.cer -alias RootCA - keystore

/Oracle/Middleware/Oracle_Home/wlserver/server/lib/ UtilitiesIntegration.jks -storepass <keystore password>

Windows:

keytool -import -file C:\mdmdemocert.cer -alias RootCA - keystore C:\Oracle\Middleware\Oracle_Home\wlserver\UtilitiesIntegration.jks

-storepass <keystore password>

4. Verify that the certificate is added to the store using the following command.

Linux:

keytool -list -v -keystore /Oracle/Middleware/Oracle_Home/wlserver/ server/lib/UtilitiesIntegration.jks

Windows:

keytool -list -v -keystore C:\Oracle\Middleware\Oracle_Home\wlserver\UtilitiesIntegration.jks

Note: Enter the password when prompted.

5. Edit the setDomainEnv.sh file for Linux or setDomainEnv.cmd for Windows and replace the existing javax.net.ssl.trustStore property. It is located at

${MW_HOME}/ user_projects/domains/<domain_name>/bin.

6. Search for -Djavax.net.ssl.trustStore in the file and replace it with Djavax.net.ssl.trustStore=${MW_HOME}/wlserver/server/lib/ UtilitiesIntegration.jks -Djavax.net.ssl.trustStorePassword=<keystore password>.

7. In the WebLogic console, navigate to Home > Servers > <managed server> > Keystores and configure the details there.

8. Click Lock & Edit to change the keystore details.

9. Click Change and then select Custom Identity and Java Standard Trust from the drop-down list.

10. Enter the following values in the respective fields:

• Custom Identity Keystore: /Oracle/Middleware/Oracle_Home/wlserver/ server/lib/UtilitiesIntegration.jks

• Custom Identity Keystore Type: jks

• Custom Identity Keystore Passphrase: <keystore password> For example: welcome1

• Confirm Custom Identity Keystore Passphrase: <keystore password> For example: welcome1

11. Click Activate Changes to release the configuration and bounce the managed server to bring the changes into effect.

Note: In a clustered environment, managed servers should have their own keystore configured.

If the services in Oracle Utilities Meter Data Management are SSL enabled, import the Oracle Utilities Meter Data Management certificates into the Weblogic Managed server to enable secure communication between the integration layer and Oracle Utilities Meter Data Management.

Restart the server before using the system to ensure all the processes are activated as some of the artifacts used by the processes require restart of admin and managed servers after the complete installation.