4.2 Configure Identity and Trust Stores

This topic provides the systematic instructions to configure identity and trust stores.

To configure the Identity and Trust stores in Oracle Weblogic Server, log in to the Administration Console of Weblogic Server.
  1. Click the Lock & Edit button under Change Center.
  2. Expand the Servers node.
  3. Select the name of the server for which you want to configure the keystores (example - exampleserver).
  4. Navigate to Configuration and select the Keystores tab.
  5. In the Keystores field, select the method for storing and managing private keys/digital certificate pairs and trusted CA certificates.
    This choice should match the one made in the topic Choose the Identity and Trust Stores.
  6. In the Identity section, provide the following details:
    1. Custom Identity Keystore File Name: Fully qualified path to the Identity keystore.
    2. Custom Identity Keystore Type: Set this attribute to JKS, the type of the keystore. If it is left blank, it defaults to Java KeyStore (JKS).
    3. Custom Identity Keystore PassPhrase: The password you enter when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic Server only reads from the keystore. So whether or not you define this property depends on the requirements of the keystore.
  7. In the Trust section, provide the following details:
    If you choose Java Standard Trust, specify the password used to access the trust store.
    If you choose Custom Trust, the following attributes have to be provided:
    1. Custom Trust Keystore: The fully qualified path to the trust keystore.
    2. Custom Trust Keystore Type: Set this attribute to JKS, the type of the keystore. If it is left blank, it defaults to Java KeyStore (JKS).
    3. Custom Trust Keystore Passphrase: The password you enter when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic Server only reads from the keystore. So, whether or not you define this property depends on the requirements of the keystore.

      Note:

      When identity and trust stores are of the JKS format, the passphrases are not required.

Parent topic: Configure Identity and Trust Stores for Weblogic