Saturday, October 02, 2010

Default keystore used in SOA Suite 11g

The default keystores used in SOA Suite 11g are DemoTrust.jks and DemoIdentity.jks.

Just log in to the WebLogic admin console, choose the server, and go to the Keystores tab.



The corresponding entry in the configuration file can be found in the following location:

BEA_HOME/user_projects/domains/soa_domain/bin/setDomainEnv.sh

-Djavax.net.ssl.trustStore=${WL_HOME}/server/lib/DemoTrust.jks


I tried to find the reference for DemoIdentity.jks but I couldn't find it in any configuration file.

I removed the entry from the setDomainEnv.sh file to check whether that is reflected in the console as well, but even after removing this entry there is no change in the front page.

I am not sure what is the use of this default key store and where exactly it is configured.

Just to understand its importance I removed the file DemoTrust.jks from the BEA_HOME/wlserver_10.3/server/lib location.

Restarted the server but to my surprise nothing happened. It still shows the same entry in keystore, so my conclusion is that DemoTrust.jks and DemoIdentity.jks are two waste files which are just taking unnecessary space :(

So the only keystore which is of any use is default-keystore.jks

$BEA_HOME/user_projects/domains/base_domain/config/fmwconfig/jps-config.xml

You should have an entry like this:

<!-- KeyStore Service Instance -->
<serviceInstance name="keystore" provider="keystore.provider" location="./default-keystore.jks">
    <description>Default JPS Keystore Service</description>
    <property name="keystore.type" value="JKS"/>
    <property name="keystore.csf.map" value="oracle.wsm.security"/>
    <property name="keystore.pass.csf.key" value="keystore-csf-key"/>
    <property name="keystore.sig.csf.key" value="sign-csf-key"/>
    <property name="keystore.enc.csf.key" value="enc-csf-key"/>
</serviceInstance>
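
To check both settings on a domain without opening the console, the following Python script (an added example, not part of the original post) reads the text of setDomainEnv.sh and jps-config.xml, reports the trust store passed via -Djavax.net.ssl.trustStore, flags it when it is one of the demo files, and lists the JPS keystore service instance. The sample inputs are constructed from the snippets above; the function names and the jpsConfig/serviceInstances wrapper around the serviceInstance element are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample inputs, modelled on the two snippets shown in the post.
SAMPLE_ENV = '''
JAVA_OPTIONS="${JAVA_OPTIONS} -Djavax.net.ssl.trustStore=${WL_HOME}/server/lib/DemoTrust.jks"
'''
SAMPLE_JPS = '''<jpsConfig><serviceInstances>
<serviceInstance name="keystore" provider="keystore.provider" location="./default-keystore.jks">
  <property name="keystore.type" value="JKS"/>
  <property name="keystore.pass.csf.key" value="keystore-csf-key"/>
</serviceInstance>
</serviceInstances></jpsConfig>'''

TRUSTSTORE_RE = re.compile(r'-Djavax\.net\.ssl\.trustStore=([^\s"\']+)')
DEMO_RE = re.compile(r'Demo(Trust|Identity)\.jks$')

def local(tag):
    """Strip an XML namespace prefix, in case the real file declares one."""
    return tag.rsplit('}', 1)[-1]

def truststores_in_env(text):
    """Return every trust store path set on a non-comment line."""
    lines = [l for l in text.splitlines() if not l.lstrip().startswith('#')]
    return [m for l in lines for m in TRUSTSTORE_RE.findall(l)]

def jps_keystores(xml_text):
    """Return (location, properties) for each keystore.provider instance."""
    out = []
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) == 'serviceInstance' and el.get('provider') == 'keystore.provider':
            props = {p.get('name'): p.get('value') for p in el if local(p.tag) == 'property'}
            out.append((el.get('location'), props))
    return out

def audit(env_text, jps_text):
    """Collect findings: trust stores (demo or custom) and the JPS keystore."""
    findings = []
    for path in truststores_in_env(env_text):
        kind = 'DEMO' if DEMO_RE.search(path) else 'custom'
        findings.append(('truststore', kind, path))
    for location, props in jps_keystores(jps_text):
        findings.append(('jps-keystore', props.get('keystore.type'), location))
    return findings

if __name__ == '__main__':
    print(audit(SAMPLE_ENV, SAMPLE_JPS))
```

On a real domain, pass the contents of the two files named in the post instead of the sample strings.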
