I have came across a requirement in my project where I need to renew the existing SSL certificates of OHS. Same steps can also be used in case of replacing the default SSL certificates. Below are the major steps which needs to be done;
1. Open Oracle Wallet Manager GUI and create an empty wallet.
2. Create certificate request by adding certificate to that wallet. It will ask for many details but most important is common name which is the server name and can be found in httpd.conf file.
3. After wallet is created with Export that wallet and it will act as CSR (certificate signing request) which needs to be send to CA (certificate authority).
4. Once CA approves then signed certificates will be given by CA. Import those certificates using OWM in the above created wallet.
5. Save the wallet as cwallet.sso file in <instance_home>/config/OHS/<instance_name> directory.
6. Update the new wallet created above in OHS config files i.e. httpd.conf and ssl.conf files.
7. Restart OHS.