After OHS SSL Certificate Renewal, Accessing the Application does not Show the New SSL Certificate
(Doc ID 2185637.1)
Last updated on MAY 19, 2023
Applies to:
Oracle HTTP Server - Version 11.1.1.9.0 and laterInformation in this document applies to any platform.
Symptoms
This is the following architecture:
Client ---------> OHS ----------------> OTD ------------------> Weblogic
After renewing the SSL certificates for both OTD and OHS 11.1.1.9, when the application is accessed, it shows the old certificates instead of the renewed one.
Changes
1. Generated the .p12 and .key file from OTD using open ssl for URL says tst2eip.biogenidec.com.
Command: <OTD_HOME>/bin/pk12util -o wallet.p12 -d sql:/u02/test -n <Certificate_Name / "name of the certificate to extract from the database">
Extract Private Key
openssl pkcs12 -in wallet.p12 -out private.key -nocerts -nodes
2. Transfered the private.key file to OHS server. Also copied the renewed cert files and root-intermediate files.
3. Then ran:
openssl pkcs12 -export -out ewallet.p12 -inkey private.key -in <Server_Certificate>.txt -certfile <Trust_Certificates/Trust_Chain>.txt
which generated the new ewallet.p12 file
4. Created the auto login wallet ( cwallet.sso) for this new wallet
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |