1. Weblogic Configuration
  2. Configuring Identity and Trust Stores

4.2 Configuring Identity and Trust Stores

To configure the Identity and Trust stores in Oracle Weblogic Server, log in to the Admin Console of Weblogic Server.
  1. Under ‘Change Center’, click the button ‘Lock & Edit’.
  2. Expand ‘Servers’ node.
  3. Select the name of the server for which you want to configure the keystores (example - exampleserver).
  4. Go to ‘Configuration’ and select ‘Keystores’ tab.
  5. In the filed ‘Keystores’, select the method for storing and managing private keys/digital certificate pairs and trusted CA certificates. This choice should match the one made in Section 2 of this document (Choosing the Identity and Trust Stores).
  6. In the ‘Identity’ section, provide the following details:
    • Custom Identity Keystore File Name: Fully qualified path to the Identity keystore.
    • Custom Identity Keystore Type: Set this attribute to JKS, the type of the keystore. If left blank, it is defaulted to JKS (Java KeyStore).
    • Custom Identity Keystore PassPhrase: The password you enter when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase in order to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic server only reads from the keystore. So whether or not you define this property depends on the requirements of the keystore.
  7. In the ‘Trust’ section, provide the following details:

    If you choose Java Standard Trust, specify the password used to access the trust store.

    If you choose Custom Trust, the following attributes have to be provided:
    • Custom Trust Keystore: The fully qualified path to the trust keystore.
    • Custom Trust Keystore Type: Set this attribute to JKS, the type of the keystore. If left blank, it defaults to JKS (Java KeyStore).
    • Custom Trust Keystore Passphrase: The password you enter when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase in order to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic Server only reads from the keystore. So, whether or not you define this property depends on the requirements of the keystore.

    TRADE When identity and trust stores are of the JKS format, the passphrases are not required.