Interoperating With Keystores From Prior Versions

B Interoperating With Keystores From Prior Versions

Learn how to use keystores in WebLogic Server version 14.1.2.0.0 or later with keystores in a previous release of Oracle WebLogic Server.

If you are using WebLogic Server 14.1.2.0.0 or later together with an earlier version of WebLogic Server, be aware that the behavior of the demo CA certificate and demo certificates changed in 14.1.2.0.0.

From WebLogic Server 12.1.2 to 14.1.1.0.0, all installations of WebLogic Server shared the same demo CA and its paired private key. As of WebLogic Server 14.1.2.0.0, a unique demo CA is generated for each domain.

WebLogic Server 12.2.1.4.0 through 14.1.1.0.0

If you upgrade to WebLogic Server 14.1.2.0.0 or later from a previous release, then your upgraded domain will continue to use the demo CA certificate and demo certificates from its previous release.

If you plan to use WebLogic Server 14.1.2.0.0 or later together with a previous release, then be aware of the following changes:

Whenever a new domain is created, it generates a unique demo CA certificate.
The demo identity keystore is now in PKCS12 format and located at DOMAIN_HOME/security/DemoIdentity.p12
The demo trust keystore is now in PKCS12 format and located at DOMAIN_HOME/security/DemoTrust.p12
The expiration period for the new demo CA certificate and demo certificates is significantly shortened compared to previous releases. The demo certificates expire after 6 months and the demo CA certificate expires after 5 years. For continuity of service, renew them prior to expiration.