Self-signed Expired Client Certificates Is Not Checked For Validity During SSL Handshake (Doc ID 2904872.1)

Last updated on NOVEMBER 09, 2023

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.

Symptoms

WebLogic is configured for two way SSL requiring client supplying a client certificate during SSL handshake. When the client uses an self-signed certificate and it has expired the WebLogic is not validating it and allows the handshake going through with no error. However, if a CA signed certificate is used as client certificate and the certificate has expired, the SSL handshake fails as expected and the WebLogic returns "bad certificate" error to the client.

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Self-signed Expired Client Certificates Is Not Checked For Validity During SSL Handshake (Doc ID 2904872.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!