My Oracle Support Banner

DS5.2 - How to Create a Local Root CA with OpenSSL to Sign SSL Certificates (Doc ID 1009232.1)

Last updated on JANUARY 16, 2020

Applies to:

Oracle Directory Server Enterprise Edition - Version 5.2 to 5.2 SP6 [Release 5.0]
All Platforms
***Checked for relevance on 20-Nov-2012***
***Checked for relevance on 30-Apr-2014***


This document describes the necessary steps to create a local certificate authority that can be used to deliver digital certificates for servers such as Directory, Web or Messaging Server.

It also describes an application of this procedure to the Directory Server.

Signing a certificate request with a local CA is a good alternative to using commercially issued certificates. The functionality will be the same, except for free.

A local CA is useful when doing workshops, or testing SSL secure connections, and if you don't want to go to a Certified Signing Authority to get a certificate for your Proof of Concept (POC) server.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.