Oracle Identity Manager (OIM) 11g and Oracle Identity Governance (OIG) 12c: Updated Certs in "default-keystore.jks" Need to be Imported into Keystore Service (KSS) to Avoid JavaScript Object Notation (JSON) Web Token (JWT) Based Authentication Errors (Doc ID 2320887.1)

Last updated on FEBRUARY 28, 2024

Applies to:

Identity Manager - Version 11.1.2.3.161018 and later
Information in this document applies to any platform.

Goal

There may be a need / desire to regenerate the certs in the <DOMAIN_HOME>/config/fmwconfig/default-keystore.jks for the xeltrusted and xell aliases, such as for updating to SHA-2 based certificates. Doing so can cause JWT based failures. This doc will cover updating KSS with new certs in default-keystore.jks.

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Oracle Identity Manager (OIM) 11g and Oracle Identity Governance (OIG) 12c: Updated Certs in "default-keystore.jks" Need to be Imported into Keystore Service (KSS) to Avoid JavaScript Object Notation (JSON) Web Token (JWT) Based Authentication Errors (Doc ID 2320887.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!