My Oracle Support Banner

Self-signed Expired Client Certificates Is Not Checked For Validity During SSL Handshake (Doc ID 2904872.1)

Last updated on NOVEMBER 07, 2022

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.

Symptoms

WebLogic is configured for two way SSL requiring client supplying a client certificate during SSL handshake. When the client uses an self-signed certificate and it has expired the WebLogic is not validating it and allows the handshake going through with no error. However, if a CA signed certificate is used as client certificate and the certificate has expired, the SSL handshake fails as expected and the WebLogic returns "bad certificate" error to the client.

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.