How to Renew Demo Certificate Using Fusion Middleware Control in a Collocated Domain
(Doc ID 2955067.1)
Last updated on JULY 11, 2024
Applies to:
Oracle HTTP Server - Version 12.2.1.3.0 to 12.2.1.4.0 [Release 12c]Oracle Fusion Middleware - Version 12.2.1.3.0 to 12.2.1.4.0 [Release 12c]
Information in this document applies to any platform.
Goal
First of all, Oracle highly recommends that you use third-party Certificate Authority (CA) signed certificates or domain CA signed certificates when you deploy applications to a production environment. By default, any certificates created using the OPSS keystore service in the domain are signed using the demonstration CA. These demonstrations certificates should never be used in a production environment. The private key of the demonstration certificate is available to all installations of WebLogic Server, therefore each installation can generate a demo signed CA certificate using the same key. As a result, you cannot trust these certificates.
Please replace demonstration certificate according to the following document.
Managing Keys and Certificates
This document provides the ways to renew 2 keystores on Oracle Fusion Middleware 12c (12.2.1.3 and 12.2.1.4) in a collocated domain using Fusion Middleware Control, one is for OPSS (AdminServer and Nodemanager), another is for Oracle HTTP Server(OHS).
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |
| Update "demoidentity" keystore in "system" stripe which is used by AdminServer and Nodemanager |
| Update "<OHS_INSTANCE_NAME>_default" keystore in "OHS" stripe which is used by Oracle HTTP Server (OHS) |
| References |