SSL installation on Weblogic 11g - part 2


SSL installation on Weblogic 11g – part 2

In the first part of this series of blog posts, we showed you how to create a keystore and import SSL certificates into it for your weblogic servers. In today’s post, we will show you the configurations that you need to change on the weblogic admin console in order for the server to use its SSL certificate.

From weblogic admin console, go to servers->configuration->Keystore and configure according to below image. Select Custom Key and Trust store and provide identity and trust store paths as created in the previous post.  Provide pass phrase used to create the keystores. Use jks as the keystore type. 

Go to Server->configuration->SSL and configure the page as shown below. Provide the alias and pass phrase that you used to create the private key in the keystore.

Ensure following on this page  Server->configuration->SSL

  1.  Hostname Verification is None
  2. Client Certs Not Requested for Two Way Client Cert Behaviour
  3. JSSE is enabled

JSSE is enabled (Servers->configuration->SSL->Advanced)

Next step is to make sure SSL listen port is enabled (Server->configuration->general)

Save your changes, activate your changes and finally restart each SSL configured managed servers in the cluster one by one.

In the final part of this series, we will show you how to configure IIS 6.0 to communicate with a Weblogic 11g cluster through SSL.

Leave a Reply

Your email address will not be published. Required fields are marked *