My Oracle Support Banner

WebLogic Server not Using Default Identity and Trust Keystores when Using -DUseSunHttpHandler=true (Doc ID 2413410.1)

Last updated on APRIL 03, 2024

Applies to:

Oracle WebLogic Server - Version and later
Information in this document applies to any platform.


WebLogic 12.1.3 server not using default identity and trust keystores when using -DUseSunHttpHandler=true.

When trying to make 2-way SSL outbound communication from WebLogic Server to External system.

From WebLogic it is recommended to use -DuseSunHttpHandler=true to make outbound socket connection using SUN handlers. Which is recommended from WebLogic Server 12c onwards.

When using the sun handlers (-DUseSunHttpHandler=true) to enforce to use* for socket connection, SSL doesn't honor the trust store settings of WLS Console when WebLogic server acting as a client, so we need to use properties.

It makes a Successful SSL outbound Handshake after adding the properties as below:

-DUseSunHttpHandler=true<PATH>\Java\jre\lib\security\cacerts<PATH>\SSL\IdentityKeystore.jks (Plain Text format password )

However the – we have to specify in clear text password which can be a security concern.

It was also tried to encrypt the password using, java utility, and use the encrypted password but it doesn’t taking the encrypted password for the option.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.