8-32 Oracle Fusion Middleware Administrators Guide 5. Click OK.

8.4.7.6 Importing a Certificate or a Trusted Certificate Using WLST

Assuming the instance name is inst1, use this command to import a certificate into a wallet: importWalletObjectinst1, oid1, oid, selfsigned, password, Certificate, tmpcert.txt where password is the password for this wallet and tmpcert.txt is the file that contains BASE64 encoded certificate. To import a trusted certificate, replace Certificate in the above command with TrustedCertificate. 8.4.7.7 Deleting a Certificate Request, a Certificate, or a Trusted Certificate Using Fusion Middleware Control Take these steps to delete a CR, a certificate, or a trusted certificate: 1. Navigate to the Certificate Management page. See Section 8.4.6, Accessing the Certificate Management Page for Wallets in Fusion Middleware Control. 2. Select the row containing the certificate request, certificate or trusted certificate. 3. Click Delete. 4. A dialog box appears, requesting confirmation. 5. Click Yes. 6. The object no longer appears in the Manage Certificates list.

8.4.7.8 Deleting a Certificate Request, a Certificate, or a Trusted Certificate Using WLST

Assuming the instance name is inst1, use this command to delete a certificate: removeWalletObjectinst1, oid1, oid, selfsigned, password, Certificate, subject_dn Note: You cannot use the WLST command-line tool to import DER-encoded certificates or trusted certificates into an Oracle wallet. Use one of these tools instead: ■ Oracle Wallet Manager or ■ orapki command-line tool Managing Keystores, Wallets, and Certificates 8-33 where password is the password for this wallet and subject_dn is the distinguished name of the certificate being deleted. To delete a certificate request or trusted certificate, replace Certificate in the above command with CertificateRequest or TrustedCertificate. 8.4.7.9 Converting a Self-Signed Certificate into a Third-Party Certificate Using Fusion Middleware Control A self-signed certificate residing in a wallet can be converted into a third-party certificate signed by a certificate authority CA. Take these steps to perform the task: 1. From the navigation pane, locate your component instance. 2. Navigate to component_name, the Security, then Wallets. 3. From the list of wallets, select the wallet that contains the self-signed certificate. 4. The Manage Certificates page appears. It contains the list of certificates in the wallet. 5. A new certificate request must be generated for the self-signed certificate that is to be converted. Select the self-signed certificate and click Add Certificate Request. A dialog box appears: 6. Enter the certificate request CR details and click OK. The CR is generated. You can either: ■ Copy and paste the Base64-encoded certificate request to a file. ■ Export it directly to a file with the Export Certificate Request button. 7. Submit the certificate request file to a certificate authority to generate a certificate. This is an offline procedure that you can execute in accordance with your local policy for obtaining certificates. 8. The CA signs the certificate request and generates a certificate. The CA will return you one of the following: ■ A single file containing both the newly generated certificate and its own CA certificate in pkcs7 format Note: The steps are illustrated for use with Oracle Internet Directory, and similar steps are applicable for generating wallets to use with Oracle HTTP Server and Oracle Web Cache.