Network Channel Does Not Honor Custom Identity Keystore Configuration (Doc ID 2998794.1)

Last updated on FEBRUARY 09, 2024

Applies to:

Symptoms

When creating an https network channel from the admin console and then configure it to use custom identity keystore, the log indicates that the channel isn't utilizing the specified custom keystore. 

Instead, it defaults to using the DemoIdentity Keystore.

Step to Reproduce:

1.

Create custom identity jks file and Custom Trust jks.

Please refer to the following for how to create Custom Identity jks and Custom Trust jks files.

Getting Started with WebLogic Server: How to Create and Configure Self Signed Certificates for WebLogic Server Environments (Doc ID 1341192.1)

2.

Cleating https channel.

In Admin Console, navigate following menu.

/console -> Environment -> servers-> <Server Name> -> protocols -> channel.

Name:<Channel Name>

protocol:https

next>

Listenning port: <Channel Port>

External Listenning port: <Channel Port>

Other option is set blank.

next>

Check following option only:

-Enable

-->Finish

Click on the newly created channel -> configuraiton tab -> security sub tab -> expand Advanced and fill in the following fields:

Under Chaneel Idenity: Customize Identity

Fille in Custom Channel Private Key Alias: <Key Name>

Custom Identity Keystore Type: JKS

Custom Identity Keystore : <Specified JKS Folder>/<Identity jks filename>.jks

3.

Access URL via newly created https channel with Chrome browser.

https://<Hostname>:<Channel Port>/<App Name>

Open Chrome Browser developer tool and show "Security" tab.

-->"View certificate" button shows Demo certificate.

Also, When starting server, log shows referencing DemoIdentity.jks like following :

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.