Once you have a private key and digital certificate, copy the
private key file generated by the Certificate Request Generator
servlet and the digital certificate you received into the
mydomain directory. Private Key files and digital certificates
are generated in either PEM or Definite Encoding Rules (DER)
format. The filename extension identifies the format of the
digital certificate file. A PEM (.pem) format private key file
begins and ends with the following lines, respectively:
-----BEGIN ENCRYPTED PRIVATE KEY-----
-----END ENCRYPTED PRIVATE KEY-----
A PEM (.pem) format digital certificate begins and ends with the
following lines, respectively:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Note: Typically, the digital certificate file
for a WebLogic Server is in one file, with either a .pem or .der
extension, and the WebLogic Server certificate chain is in
another file. Two files are used because different WebLogic
Servers may share the same certificate chain.
The first digital certificate in the
certificate authority file is the first digital certificate in
the WebLogic Server's certificate chain. The next certificates
in the file are the next digital certificates in the certificate
chain. The last certificate in the file is a self-signed digital
certificate that ends the certificate chain. A DER (.der) format
file contains binary data. WebLogic Server requires that the
file extension match the contents of the certificate file.
Note: If you are creating a file with the
digital certificates of multiple certificate authorities or a
file that contains a certificate chain, you must use PEM format.
WebLogic Server provides a tool for converting DER format files
to PEM format, and visa versa.
|