Other option is to add server SSL certificate into cacerts trust keystore inside WLS installation.
Default trust key store is located in WL_HOME/server/lib and also in JDK
find . -name cacerts
./jrockit_160_14_R27.6.5-32/jre/lib/security/cacerts
./wlserver_10.3/server/lib/cacerts
./jdk160_14_R27.6.5-32/jre/lib/security/cacerts
export JAVA_OPTIONS="-Dweblogic.security.SSL.trustedCAKeyStore=/app/cert/ServerTrust.jks ${JAVA_OPTIONS}"
This is defined is Oracle® Fusion Middleware Securing Oracle WebLogic
Server 11g Release 1 (10.3.1) , Chpt 11, Configuring identity and
trust
WebLogic Server uses the following algorithm when it loads its trusted
CA certificates:
1. I<span style="font-weight:bold;">f the keystore is specified by the
-Dweblogic.security.SSL.trustedCAkeystore command-line argument,</span> load
the trusted CA certificates from that keystore.
2. Else if the keystore is specified in the configuration file
(config.xml), load trusted CA certificates from the specified
keystore. If the server is configured with DemoTrust, trusted CA
certificates will be loaded from the WL_HOME\server\lib\DemoTrust.jks
and the JDK cacerts keystores.
3. Else if the trusted CA file is specified in the configuration
file (config.xml), load trusted CA certificates from that file (this
is only for compatibility with 6.x SSL configurations).
4.Else load trusted CA certificates from <span style="font-weight:bold;">WL_HOME\server\lib\cacerts</span> keystore.
10.3.2
http://download.oracle.com/docs/cd/E15523_01/web.1111/e13707/identity_trust.htm#i1202187
10.3.1
http://download.oracle.com/docs/cd/E12839_01/web.1111/e13707/identity_trust.htm#i1202182
10.3
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/secmanage/identity_trust.html#wp1183754
