Configuring Identity and Trust

In order to establish and verify server identity and trust, SSL uses private keys, digital certificates, and certificates issued by trusted certification authorities. A certificate is a digitally signed statement from an entity such as a company that states that the public key (or some other information) of another entity has a particular value. When the certificate is digitally signed, the signature is verified to check the integrity of the data in the certificate and authenticate it. Integrity in this context means that the data has not been tampered with, and authenticity means that the data came from whoever claimed to have created and signed it.

Two concepts—identity and trust—are at the heart of SSL connectivity. ...

Get Oracle WebLogic Server 11g Administration Handbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.