Configuring Identity and Trust

In order to establish and verify server identity and trust, SSL uses private keys, digital certificates, and certificates issued by trusted certification authorities. A certificate is a digitally signed statement from an entity such as a company that states that the public key (or some other information) of another entity has a particular value. When the certificate is digitally signed, the signature is verified to check the integrity of the data in the certificate and authenticate it. Integrity in this context means that the data has not been tampered with, and authenticity means that the data came from whoever claimed to have created and signed it.

Two concepts—identity and trust—are at the heart of SSL connectivity. ...

Get Oracle WebLogic Server 11g Administration Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.