My Oracle Support Banner

OUD Keystore and Truststore (Doc ID 1958191.1)

Last updated on MAY 19, 2021

Applies to:

Oracle Unified Directory - Version 11.1.2.2.0 and later
Information in this document applies to any platform.
The goal of this document is to describe: How OUD uses the different Keystores

Purpose

 

This KM doc describes how to use keystores (for private keys) and truststores (for public, signed certificates).

Up to three sets of key stores are used, as shown in the diagram below -


By default the key stores are located in the <OUD_INSTANCE_ROOT>/config directory.

  • The keystore and truststore hold keys for securing connections with client applications.

  • The admin-keystore and admin-truststore hold keys for securing administrative connections through the ADMIN_PORT, such as those used when connecting with the dsconfig command.

  • The ads-truststore holds keys for securing replication connections with other OUD servers in the replication topology.

Scope

 

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
 1. Differences Between Keystores and Truststores Under <OUD_INSTANCE_ROOT>/config
 2. Create Server private key
 2.1 Remove Self Certificate alias server-cert
 2.2 Create a Private Server Key
 3. Generating the Server Certificate Request
 4. Server Certificate and Intermediate / Root CA Certificates Signed by a Certificate Authority
 5. Importing the Servers certificate and CA certificates in Server Keystore
 6. Check the LDAPS Server Authentication


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.