How to generate a Keystore .jks for
weblogic
Open
command prompt as an administrator
Go to java
folder that you installed in your system eg: c:\Program
files\java\jdk1.6.0_26\bin
Enter the
command “ Keytool -genkey -alias tomcat
-keyalg RSA –keystore keystore.jks”
Answer the
questions that cmd asks
Eg:- what is your first name & last name,
What is your
organization unit, what is the name of your organization , city,state,country ,
Y or N.
Answer all
the questions above as per you.
Enter key
password for weblogic , re-enter .
Now the
keystore.jks fille will be generated in bin folder.
If you are
using self certificate then you can save the keystore.jks file and do the
following.
(“If you are
using the third party certificate then use this
Generate
the Certificate Signing Request (CSR) using this command: “keytool
-certreq -v -alias tomcat -file csr-for-myserver.pem -keystore keystore.jks”
You will get
response cert from vendor then save the file & do the following”)
Log into the
Admin Console, select the server on which you want to configure the SSL
certificate.
Servers-click
on the keystore tab,by default it points to the demo certificates.
Server
–> Click on the Keystore tab. By default it points to the Demo
Certificates.
From
the dropdown list select the “Custom Identity and Custom Trust”
option.
Enter
the identity and trust keystore details
Configure the identity of the server:
Click
on the SSL tab and enter the alias of the private key i.e. client in
this case and the keypass password.
NOTE: If
you enable the SSL for a WebLogic Server, by default it would be One Way SSL.
If you want to change to Two Way SSL, you would require to select the two
way SSL behavior from the Advanced option list.
Configure the SSL port.
By
default it would be 7002.
Go
to server –> General tab –> Specify and enable SSL port.
You
can see the below messages in the server logs which indicate that the
certificates are loaded.
Now you
can test the web logic with HTTPS
No comments:
Post a Comment