My Oracle Support Banner

OUD12. and Prior Versions - How to List/Renew/Regenerate/Set the Self-Signed "ads-certificate" Used for Replication (Doc ID 2994408.1)

Last updated on DECEMBER 24, 2023

Applies to:

Oracle Unified Directory - Version to [Release 11g to 12c]
Information in this document applies to any platform.


How to update the Oracle Unified Directory (OUD) self-signed ads-certificate for replication? 


This document is specific to replication self-signed certificate for OUD 11g and 12c prior to OUD12.

For Certificate Authority (CA) signed certificate, use the following document instead:  OUD - How to List/Renew/Regenerate/Set the "ads-certificate" Used for Replication (Doc ID 1619734.1)


Starting with 12c version OUD12. and higher, the process has changed to update certificates. Reference this KM:

OUD 12c - How to Obtain the PIN for the "ads" Certificate Database and Renew/Regenerate/Set the ads-certificate Used for Replication (Doc ID 2884315.1)

For 11g and 12c prior to OUD12., use the below steps outlined in the Solution section.



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Backup, check and prepare the keystore configuration
 Verify the keystores with keytool and back up
 Cleanup the keystore and recreate the self signed certificate with desired settings
 Set the certificate for replication, restart, verify and test replication
 References for key manager providers other than Replication

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.