3.1.1 Creation of Self-signed Certificate
This topic explains how to create a self-signed certificate.
Browse to the bin folder of JRE from the command prompt and type the following command.
The items highlighted in blue are placeholders, and should be replaced with suitable values when running the command.
keytool -genkeypair -alias alias -keyalg RSA -keysize 1024 -sigalg SHA1withRSA -validity 365 -keystore keystore
In the above command,
- alias is used to identify the public and private key pair created. This alias is required later when configuring the SSL attributes for the managed servers in Oracle WebLogic Server.
- keyalg is the key algorithm used to generate the public and private key pair. The RSA key algorithm is recommended.
- keysize is the size of the public and private key pairs generated. A key size of 1024 or more is recommended. Please consult with your CA on the key size support for different types of certificates.
- sigalg is the algorithm used to generate the signature. This algorithm should be compatible with the key algorithm and should be one of the values specified in the Java Cryptography API Specification and Reference.
- validity (valdays) is the number of days for which the certificate is to be considered valid. Please consult with your CA on this period.
- keystore is used to specify the location of the JKS file. If no JKS file is present in the path provided, one will be created.
The command will prompt for the following attributes of the certificate and keystore:
- Keystore Password: Specify a password that will be used to access the keystore. This password needs to be specified later, when configuring the identity store in Oracle WebLogic Server.
- Key Password: Specify a password that will be used to access the private key stored in the keystore. This password needs to be specified later, when configuring the SSL attributes of the managed server(s) in Oracle WebLogic Server.
- First and Last Name (CN): Enter the domain name of the machine used to access Oracle Banking Trade Finance, for instance, www.example.com.
- Name of your Organizational Unit: The name of the department or unit making the request, for example, BPD. Use this field to further identify the SSL Certificate you are creating, for example, by department or by physical server.
- Name of your Organization: The name of the organization making the certificate request, for example, Oracle Financial Services. It is recommended to use the company or organization's formal name, and this name entered here must match the name found in official records.
- Name of your City or Locality: The city in which your organization is physically located, for example Mumbai.
- Name of your State or Province: The state/province in which your organization is physically located, for example Maharashtra.
- Two-letter Country Code for this Unit: The country in which your organization is physically located, for example US, UK, IN etc.
Example
Listed below is the result of a sample execution of the command:
D:\Oracle\weblogic11g\jrockit_160_05_R27.6.2-20\bin>keytool -genkeypair -alias cvrhp0729 -keyalg RSA -keysize 1024 -sigalg SHA1withRSA -validity 365 -keystore D:\keystores\FCUBSKeyStore.jks
Re-enter new password:<Confirm the password keyed above>
What is your first and last name?
[Unknown]: cvrhp0729.i-flex.com
What is the name of your organizational unit?
[Unknown]: BPD
What is the name of your organization?
[Unknown]: Oracle Financial Services
What is the name of your City or Locality?
[Unknown]: Mumbai
What is the name of your State or Province?
[Unknown]: Maharashtra
What is the two-letter country code for this unit?
[Unknown]: IN
Is CN=cvrhp0729.i-flex.com, OU=BPD, O=Oracle Financial Services, L=Mumbai, ST=Maharashtra, C=IN correct?
[no]: yes
Enter key password for <cvrhp0729>
(RETURN if same as keystore password):<Enter a password to protect the key>
Re-enter new password:<Confirm the password keyed above>
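The following is an added example, not part of the original Oracle documentation: a Python check over the output of keytool -list -v for the keystore created above, reporting whether the CN matches the host name and whether the values chosen for -sigalg and -keysize fall below a policy floor. The sample output is constructed, and the 2048-bit floor and the function names are this example's assumptions.

```python
import re

# Constructed sample of `keytool -list -v` output for the keystore created above
# (layout modelled on recent JDKs; dates and fingerprints omitted).
SAMPLE = """\
Alias name: cvrhp0729
Entry type: PrivateKeyEntry
Certificate[1]:
Owner: CN=cvrhp0729.i-flex.com, OU=BPD, O=Oracle Financial Services, L=Mumbai, ST=Maharashtra, C=IN
Issuer: CN=cvrhp0729.i-flex.com, OU=BPD, O=Oracle Financial Services, L=Mumbai, ST=Maharashtra, C=IN
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 1024-bit RSA key
"""

MIN_RSA_BITS = 2048  # assumption: this example's policy floor, not a value from the page


def parse_entry(text):
    """Collect the 'Name: value' fields of one keystore entry into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields[key.strip()] = value.strip()
    return fields


def audit(text, expected_host):
    """Return a list of findings for the certificate described in `text`."""
    f = parse_entry(text)
    findings = []
    cn = re.search(r"CN=([^,]+)", f.get("Owner", ""))
    if not cn or cn.group(1).strip().lower() != expected_host.lower():
        findings.append("CN does not match the host name used to reach the application")
    if f.get("Owner") and f.get("Owner") == f.get("Issuer"):
        findings.append("self-signed: clients must import this certificate to trust it")
    sig = f.get("Signature algorithm name", "")
    if sig.upper().startswith(("SHA1", "MD5", "MD2")):
        findings.append("weak signature hash: " + sig)
    key = re.match(r"(\d+)-bit RSA", f.get("Subject Public Key Algorithm", ""))
    if key and int(key.group(1)) < MIN_RSA_BITS:
        findings.append("RSA key of %s bits is below %d" % (key.group(1), MIN_RSA_BITS))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, "cvrhp0729.i-flex.com"):
        print(finding)
```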