Identity and Trust Keystores

When you configure SSL, you must decide how identity and trust will be stored. Although one keystore can be used for both identity and trust, Oracle recommends using separate keystores for identity and trust, because the identity keystore (private key/digital certificate pairs) and the trust keystore (trusted CA certificates) may have different security requirements. For example:
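The separation recommended above, shown as an added example using the standard JSSE API (it is not code from the original page). It loads the two stores independently, rejects a store whose entries do not match its role, and builds an `SSLContext` from them. The class name, the command-line arguments and the environment variable names `IDENTITY_STORE_PASS` and `TRUST_STORE_PASS` are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Objects;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class SeparateKeystores {
    // Load a keystore file with its own password.
    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password);
        }
        return ks;
    }

    // Reject a store whose entries do not match its role: the identity store
    // must hold only private-key entries, the trust store only certificates.
    static void checkRole(String role, KeyStore ks, boolean identity) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            boolean ok = identity ? ks.isKeyEntry(alias) : ks.isCertificateEntry(alias);
            if (!ok) throw new IllegalStateException(role + " keystore: unexpected entry '" + alias + "'");
        }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: SeparateKeystores <identity-store> <trust-store>");
            System.exit(2);
        }
        // Assumed variable names; each store is protected by its own password.
        char[] idPass = Objects.requireNonNull(System.getenv("IDENTITY_STORE_PASS"), "IDENTITY_STORE_PASS not set").toCharArray();
        char[] trustPass = Objects.requireNonNull(System.getenv("TRUST_STORE_PASS"), "TRUST_STORE_PASS not set").toCharArray();
        KeyStore identity = load(args[0], idPass);
        KeyStore trust = load(args[1], trustPass);
        checkRole("identity", identity, true);
        checkRole("trust", trust, false);
        // Private keys come only from the identity store (assumes key password == store password).
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, idPass);
        // Trusted CA certificates come only from the trust store.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        System.out.println("SSLContext ready: " + identity.size() + " identity, " + trust.size() + " trusted entries");
    }
}
```

Because the stores are separate files, the identity store can be restricted to the server's own account while the trust store, which holds no secrets, only needs protection against modification.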

Implement Logging and Intrusion Detection

Application logging should not be an afterthought or limited to debugging and troubleshooting. Logging is also used in other important activities:

  • Application monitoring
  • Business analytics and insight
  • Activity auditing and compliance monitoring
  • System intrusion detection
  • Forensics