Hello List, I have found that it isn't obvious how to configure openssl in the way acceptable by Oracle Application Server (Imported in to a Wallet). Default OpenSSL configuration doesn't work. I decided to publish that information because believe it can be used by somebody else. It is excellent way to test you SSL enabled configuration for proving concepts without buying certificates from comercial parties or using short term trials. # 1. OPEN SSL Setup CA mkdir -p $ca/demoCA # $ca any dir where you would like to store CA cd $ca echo randomized_string > .rnd touch demoCA/index.txt cp $openssl_home/openssl.cnf . export OPENSSL_CONF=$ca/openssl.cnf # 2. OPENSSL Create CA $openssl_home/bin/openssl req -new -x509 -keyout cakey.pem -out cacert.pem -days 10000 # 3. OWM Generate Wallet + CRequest.csr # 4. OPENSSL Sign CRequest export OPENSSL_CONF=$ca/openssl.cnf $openssl_home/bin/openssl x509 -req -in CRequest.csr -CA cacert.pem -CAkey cakey.pem -CAcreateserial -days 365 > CRequest.crt # 5. OWM Import Trusted CT # 6. OWM Import CRequest.crt # 7. OWM Save Wallet # 8. Configure Apache (OHS) as described in Docs or Metalink PS If you have an issue I be happy to assist. Obviously in my spare time. Yury +44 7738 013090 (GMT) ============================================ http://otn.oracle.com/ocm/jvelikanovs.html -- //www.freelists.org/webpage/oracle-l