Technical data

14 Managing Security

14-58 Administration Guide

9. Click Next.

10. Enter a name for the converted digital certificate.

11. Click Finish.

The resulting file is in PEM format.

12. Perform steps 3-11 for the other

pb7 file.

13. Open a text editor and include both the PEM files into a single PEM file. The

order is important (include the files in the order of trust). The server digital

certificate should be the first digital certificate in the file. The trusted CA

certificate should be the next file.

You cannot have blank lines between digital certificates.

Modifying Parameters for SSL Session Caching

As of WebLogic Server 6.1 Service Pack 2, the SSL code includes parameters for SSL

session caching. Using a cached SSL session eliminates the need for the connection to

go through the SSL handshake again. The connection can simply pick up where it left

off. By using a cached SSL session, an application significantly reduces the time spent

establishing SSL connections, greatly improving performance. To use a cached SSL

session, both the client and the server must have the ability to do SSL session caching.

All browsers have the ability to do SSL session-caching.

The server-session caching is saved in the TTL Cache. For more information about

TTL Cache, see Configuring the Caching Realm. The client-side SSL session cache

will only hold one SSL session on the thread of execution.

SSL session caching is turned on by default. You can modify the server-session

caching default size and time-to-live by using the following command line flags:

-Dweblogic.security.SSL.sessionCache.size=211

-Dweblogic.security.SSL.sessionCache.ttl=600