Monday, July 4, 2016

Oracle® Weblogic 10.3.6 Or Higher: Steps to create a Self-Signed Certificate using the SHA-256 Algorithm

Support for SHA-256 with JSSE is supported in WLS 10.3.3 and higher, in conjunction with using the JSSE SSL implementation. It is not supported when using the Certicom SSL implementation, which is deprecated in WLS 10.3.4 and higher.

The following sections describes the steps to create the self signed SHA-256 certificate.

  • Set the WLS domain, by executing the command or (Windows)
  • Enter the following pieces of when prompted

$ keytool -genkey -alias selfsignedcert -keyalg RSA -sigalg SHA256withRSA -keypass password1 -keystore identity.jks -storepass password -validity 365

What is your first and last name?
What is the name of your organizational unit?
[Unknown]: mindtelligent-soa
What is the name of your organization?
[Unknown]: MindTelligent
What is the name of your City or Locality?
[Unknown]: El Dorado Hills
What is the name of your State or Province?
[Unknown]: c
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=, OU= mindtelligent-soa, O= MindTelligent, L= El Dorado Hills, ST= El Dorado Hills, C=US correct?
[no]: yes

  • Export the certificate

$ keytool -export -alias Mindteligent-SelfSigned -sigalg SHA256withRSA -file root.cer -keystore identity.jks
Enter keystore password:
Certificate stored in file <root.cer>          

  • Import the root certificate to the trust store:

$keytool -import -alias Mindteligent-SelfSigned  -sigalg SHA256withRSA -trustcacerts -file root.cer -keystore trust.jks
Enter keystore password:
Re-enter new password:

  • Please include the following parameter for startup options.


Oracle Customer Care and Billing 2.6 IWS Services to be accessed from SOA 11g running JDK 1.6

Oracle Customer Care and Billing 2.6 is deployed on WebLogic 12c. Web l ogic 12c uses JDK 1.8, which uses TLS1.2 for Transport Level Sec...