OUD - How to Use Keystore (for Private Keys) and Truststore (for Public and Signed Certificates)
(Doc ID 1958191.1)
Last updated on JUNE 06, 2022
Applies to: Oracle Unified Directory - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
The goal of this document is to describe how OUD uses the different keystores.
This KM doc describes how to use keystores (for private keys) and truststores (for public, signed certificates).
Up to three sets of key stores are used, as shown in the diagram below:
By default the key stores are located in the
truststore holds keys for securing connections with client applications.
admin-truststore holds keys for securing administrative connections through the ADMIN_PORT, such as those used when connecting with the dsconfig command.
ads-truststore holds keys for securing replication connections with other OUD servers in the replication topology.
In this Document
|1. Differences Between Keystores and Truststores Under <OUD_INSTANCE_ROOT>/config|
|2. Create Server private key|
|2.1 Remove Self Certificate alias server-cert|
|2.2 Create a Private Server Key|
|3. Generating the Server Certificate Request|
|4. Server Certificate and Intermediate / Root CA Certificates Signed by a Certificate Authority|
|5. Importing the Server's certificate and CA certificates in Server Keystore|
|6. Check the LDAPS Server Authentication|