In the first part of this series of blog posts, we showed you how to create a keystore and import SSL certificates into it for your weblogic servers. In today’s post, we will show you the configurations that you need to change on the weblogic admin console in order for the server to use its SSL certificate.
From weblogic admin console, go to servers->configuration->Keystore and configure according to below image. Select Custom Key and Trust store and provide identity and trust store paths as created in the previous post. Provide pass phrase used to create the keystores. Use jks as the keystore type.
Go to Server->configuration->SSL and configure the page as shown below. Provide the alias and pass phrase that you used to create the private key in the keystore.
Ensure following on this page Server->configuration->SSL
- Hostname Verification is None
- Client Certs Not Requested for Two Way Client Cert Behaviour
- JSSE is enabled
JSSE is enabled (Servers->configuration->SSL->Advanced)
Next step is to make sure SSL listen port is enabled (Server->configuration->general)
In the final part of this series, we will show you how to configure IIS 6.0 to communicate with a Weblogic 11g cluster through SSL.