Enabling SSL in the Data Store of OAM11gR2 comprises of the below mentioned steps.

• Import the certificate/s required for establishing the trust with the Store(backend) in the keystore(cacerts) on the machine hosting OAM's Weblogic Admin server
• Restart the Weblogic Admin server
• Specify the <Hostname>:<SSL port> in the "Location" field of the Data Store and select the "Enable SSL" checkbox

Pre-requisite:-

• Certificate/s to be imported are available for import
• Data Store has already been created using OAM admin console and the connection to the store is successful on non-SSL port( though one can always create a Data Store with SSL settings on the first go)

Steps for importing the certificate/s:-

One can use the keytool utility that comes bundled with JDK to import the certificate. The step for importing the certificate would be same for self-signed and third party certificates (like VeriSign)

$JAVA_HOME/bin/keytool -import -v -noprompt -trustcacerts -alias <aliasname> -file <Path to the certificate file> -keystore $JAVA_HOME/jre/lib/security/cacerts

Here $JAVA_HOME refers to the path of JDK install directory

Note: In case multiple certificates are required for establishing the trust, import all those certificates using the same keytool command mentioned above 

One can verify the import of the certificate/s by using the below mentioned command

$JAVA_HOME/bin/keytool -list -alias <aliasname>-v -keystore $JAVA_HOME/jre/lib/security/cacerts