Oracle Weblogic Server (MOSC)

MOSC Banner

Why isn't recommended to use CertGen in a production environment?

edited Nov 19, 2021 10:33PM in Oracle Weblogic Server (MOSC) 1 commentAnswered

If I generate new CertGenCA.der and CertGenCAKey.derfiles I don't see a problem using gencert for production.


This is for the communication between Manages servers and AdminServer.


What is the reason of this recommendation?


The doc states:

The CertGen utility generates certificates that should only be used for demonstration or testing purposes, not in a production environment.

As of version 12.1.2 of WebLogic Server, the CertGen utility generates certificates with the following attributes by default:

  • 2048-bit public key.
  • SHA256 message digest algorithm.
  • Subject Key Identifier extension.
  • Authority Key Identifier extension (if the CA certificate contains a Subject Key ID.)

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center