Before you begin
Configure the identity and trust keystores for WebLogic Server. See Configure identity and trust and Configuring Identity and Trust.
For information about certificate revocation checking, see X.509 Certificate Revocation Checking.
By default, when WebLogic Server checks a certificate's revocation status, it uses OCSP. If OCSP returns the certificate's status as "unknown," WebLogic Server then checks CRLs. However, you can change the checking method and order by selecting one of the following alternatives:
After you finish
After you enable certificate revocation checking in the domain, you can optionally do the following: