Powered By Blogger

Monday, April 21, 2014

SSL in Weblogic

1.       Generate Keystore        
keytool -genkey -alias alias123 -keyalg  RSA -keysize 2048  -keystore identity.jks -storepass storepass123 -keypass keypass123

We get  identity.jks file from this
2.       Generate the CSR file
keytool -certreq -keyalg RSA -keysize 2048 -alias alias123 -file certreq.csr -keystore identity.jks -storepass storepass123 -keypass keypass123

3.       Using the certreq.csr file generated get SSL certificate, root certificate & intermediate certificate
We name as
                SSL certificate - cert.cer
root certificate- rootCA.cer     (Will be used to import in the browser)
intermediate certificate- intermediatCA.cer     

4.       Now club all these 3 certificates obtained in the order and name the resultant file as CertRootInter.pem
1. cert.cer
2. rootCA.cer
3. intermediateCA.cer

5.       Import CertRootInter.pem file to keystore
keytool -import  -file CertRootInter.pem -alias alias123 -keystore  identity.jks -storepass storepass123 -keypass keypass123

6.       Create the trust file by importing rootCA.cer
keytool -import  -file rootCA.cer -alias alias321 -keystore trust.jks -storepass storepass123 -keypass keypass123

By doing step 6 and 7 we have got
1.     Identity file ( identity.jks ) which contains the certificates you got from certificate authority
2.      Trust file ( trust.jks ) which contain rootCA certificate

7.       Now login to Weblogic and select the managed server
Navigate to keyStores tab

Keystores: Custom Identity and Custom Trust
Custom Identity Keystore: D:\shamajith\middlewareinstaller\jdk160_29\bin\identity.jks
Custom Identity Keystore Type: jks
(store password for identity) Custom Identity Keystore Passphrase:storepasss123  
Custom Trust Keystore: D:\shamajith\middlewareinstaller\jdk160_29\bin\trust.jks
Custom Trust Keystore Type:jks
(store password for trust)Custom Trust Keystore Passphrase: storepasss123


Navigate to SSL Tab
                                Identity and Trust Locations: Keystores
Private Key Location: from Custom Identity Keystore
Private Key Alias: alias123
Private Key Passphrase:keypass123
Certificate Location: from Custom Identity Keystore
Trusted Certificate Authorities: from Custom Trust Keystore

General Tab
Tick on SSL Listen Port enabled and choose the port required.
                               


Posted by at

2 comments:

  1. Basanagowda PatilApril 21, 2014 at 9:26 PM

    https://www.symantec.com/verisign/ssl-certificates

    ReplyDelete
  2. Basanagowda PatilApril 22, 2014 at 4:15 AM

    We can check the keystore by below command
    keytool -list -keystore DemoIdentity.jks
    keytool -list -keystore DemoTrust.jks



    The default passwords will be as below
    http://itguykelly.wordpress.com/2010/05/20/default-weblogic-keystore-passwordpassphrase/

    ReplyDelete

Subscribe to: Post Comments (Atom)