Updated Certs in default-keystore.jks Need to be Imported into KSS to Avoid JWT Based Authentication Errors with REST API

(Doc ID 2320887.1)

Last updated on OCTOBER 25, 2017

Applies to:

Identity Manager - Version 11.1.2.3.161018 and later
Information in this document applies to any platform.

Goal

There may be a need / desire to regenerate the certs in the <DOMAIN_HOME>/config/fmwconfig/default-keystore.jks for the xeltrusted and xell aliases, such as for updating to SHA-2 based certificates. Doing so can cause jwt based failures, so this doc will cover updating KSS with new certs in default-keystore.jks.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms