How to Update the Certificates Used in the default-keystore.jks to Use a New Signature Algorithm with a Greater Key Size
(Doc ID 2472450.1)
Last updated on SEPTEMBER 12, 2023
Applies to:
Identity Manager - Version 11.1.2.1.0 to 11.1.2.3.0 [Release 11g]Information in this document applies to any platform.
Goal
This document provides the step by step instruction to update the certificates in the default_keystore.jks to use a signature algorithm having a key size greater than 1024.
In the older versions of Oracle Identity Manager, the out of the box default_keystore.jks used internally for the OWSM WS-Policies (which are attached to the callback for OIM approval composites) contains MD5withRSA certificates with a key size of 1024.
Newer JDKs do not accept these certificates. Specifically, starting with JDK 1.6.0_101+, JDK 1.7.0_40+, Or JRockit R28.3.7+
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |