This topic provides the systematic instructions to setup the SSL on Oracle WebLogic.

1. Obtain an identity (private key and digital certificates) and trust (certificates of trusted certificate authorities) for Oracle WebLogic application server.
2. Store the identity and trust.
   The private keys and trust CA certificates are stored in keystores.
3. Configure the identity and trust the keystores for Oracle WebLogic application server in the administration console.
4. Set SSL attributes for the private key alias and password in Oracle WebLogic administration console.

This topic provides the information about the certificates and keypairs.

The certificates are used for validating the authenticity of the server. Certificates contains the name of the owner, certificate usage, duration of validity, resource location, or distinguished name (DN), which includes the common name (CN - web site address or e-mail address depending of the usage) and the certificate ID of the person who certified (signs) these information. It also contains the public key and a hash to ensure that the certificate has not been tampered with. A certificate is insecure until it is signed. Signed certificates cannot be modified.

A certificate can be self-signed or obtained from a reputable certificate authority such as Verisign, Inc., Entrust.net, Thawte, Digicert Inc., GeoTrust or InstantSSL.

The SSL uses a public key and a private key cryptographickeys. These keys are similar in nature and can be used alternatively. What one key encrypts can be decrypted by the other key of the pair. The private key is kept secret, while the public key is distributed using the certificate.

A keytool stores the keys and certificates in a keystore. The default keystore implementation implements it as a file. It protects private keys with a password. The different entities (key pairs and the certificates) are distinguished by a unique alias. Through its keystore, Oracle WebLogic server can authenticate itself to other parties.

In Java, a keystore is a java.security.KeyStore instance that the user can create and manipulate using the keytool utility provided with the Java Runtime.