For making your application SSL secured ,which is deployed in Weblogic application server here are the the following steps :
Steps to setup SSL in Weblogic -
1. Firslty you need to create the java keystore :
a) Type the command -
C:\bea\jrockit81sp4_142_05\bin> keytool -genkey -alias servercert -keyalg RSA
-keysize 1024 -dname "CN=jsvede.bea.com,OU=DRE,O=BEA,L=Denver,S=Colorado,C=US"
-keypass test -keystore server_keystore.jks -storepass test
b) To view the jks file generated -
C:\bea\jrockit81sp4_142_05\bin> keytool -list -v -keystore server_keystore.jks
-storepass test
2. Create csr file ie, .per file :
a) Type the command -
C:\bea\jrockit81sp4_142_05\bin> keytool -certreq -v -alias servercert
-file csr-for-myserver.pem -keypass test -storepass test
-keystore server_keystore.jks
b) To view the generated .pem file -
C:\bea\jrockit81sp4_142_05\bin> more csr-for-myserver.pem
3. Configure in the weblogic :
a) Goto Weblogic console -> Servers -> myserver -> KeyStores & SSL ->
KeyStore Configuration -> Change
b) Select Custom Identity and Java Standard Trust.
c) Set the following properties -
- Custom Identity KeyStore : E:\bea\jrockit81sp4_142_05\bin\server_keystore.jks
- Custom Identity Keystore Type : jks
- Custom Identity Keystore Pass Phrase : tradex
- Java Standard Trust Key Store Pass Phrase : tradex
- Click on continue
- Private Key Alias : servercert
- Pass Phrase : tradex
- Click on Continue
- Finish
d) In domains -> mydomain -> config.xml,
Set the following in the <server> tag
<SSL Enabled="true" HostnameVerificationIgnored="false"
IdentityAndTrustLocations="KeyStores" Name="admin"
ServerPrivateKeyAlias="servercert"
ServerPrivateKeyPassPhraseEncrypted="{3DES}OoO7mtolODVhXfQVNGO+8Q=="/>
(You can give the encrypted password as empty also.)
e) In web.xml, set <transport-guarantee> value as
'INTEGRAL' or 'CONFIDENTIAL'.
Note :
pem - Privacy Enhanced Mail Security Certificate.
jks - JavaKeyStores
csr - Certificate Signing Request
