My Oracle Support Banner

How to Renew Expired OPSS DemoIdentity Certificates Using WLST Command Line (Doc ID 2678302.1)

Last updated on JUNE 10, 2020

Applies to:

Oracle WebLogic Server - Version 12.2.1.0.0 to 12.2.1.4.0 [Release 12c]
Information in this document applies to any platform.

Goal

The demo certificate has expired for this system and needs to be replaced.

Weblogic will not start and shows the following an error similar to the one below from the weblogic Admin log:

####<Alert> <Security> <domain> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <BEA-090154> <Identity certificate has expired: [
[
Version: V3
Subject: CN=DemoCertFor_
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11

Key: Sun RSA public key, 1024 bits
modulus: 163572228919762095295578390299062084274958016835888107553806977146379419531709573131702469260058073193145315737717834488340587307790624848646286948977231768211215124744729658617233884327216905253738349042390025023444547106738372988148053849472608603812256048762423445058139193262612858584250270214373658767163
public exponent: 65537
Validity: [From: Mon Aug 10 13:01:22 PDT 2013,
To: Sat Aug 13 10:13:22 PDT 2018]
Issuer: CN=CertGenCA, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
SerialNumber: [ 01407379 948c]

Certificate Extensions: 1
[1]: ObjectId: 2.5.29.14 Criticality=false

Since the certificate is stored in the KSS there is no way to access the certificate for replacement with Weblogic not running.

In general all the utilities/scripts are in on-line mode.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.