Configuring a Self-Signed Certificate and SSL in WebLogic

1. Open a command prompt and change to the bin directory of your WebLogic domain home by typing the following commands:

C:\Users\kunalku>d:
D:\>cd D:\Weblogic10.3.6\user_projects\domains\hgbu_domain\bin

2. Then execute the setDomainEnv command as follows:

D:\Weblogic10.3.6\user_projects\domains\hgbu_domain\bin>setDomainEnv.cmd

3. Generate your self-signed certificate with the following command:

D:\Weblogic10.3.6\user_projects\domains\hgbu_domain>keytool -genkey -alias mykey -keyalg RSA -keysize 2048 -validity 365 -keypass privatepassword -keystore identity.jks -storepass password

It will ask you some questions, as follows:

What is your first and last name?
  [Unknown]:  localhost
What is the name of your organizational unit?
  [Unknown]:  wls
What is the name of your organization?
  [Unknown]:  wls
What is the name of your City or Locality?
  [Unknown]:  Bangalore
What is the name of your State or Province?
  [Unknown]:  Karnataka
What is the two-letter country code for this unit?
  [Unknown]:  IN
Is CN=localhost, OU=wls, O=wls, L=Bangalore, ST=Karnataka, C=IN correct?
  [no]:  yes

This creates the identity keystore (identity.jks), which holds the private key and the self-signed certificate.

Now we need to create the custom identity store. To do this, export the certificate by issuing the following command:

4. D:\Weblogic10.3.6\user_projects\domains\hgbu_domain>keytool -export -alias mykey -file root.cer -keystore identity.jks -storepass password

You will get the following message:

Certificate stored in file <root.cer>

Then we need to create the truststore as follows:

5.  D:\Weblogic10.3.6\user_projects\domains\hgbu_domain>keytool -import -alias mykey -file root.cer -keystore trust.jks -storepass password

You will see the following message:

Owner: CN=localhost, OU=wls, O=wls, L=Bangalore, ST=Karnataka, C=IN
Issuer: CN=localhost, OU=wls, O=wls, L=Bangalore, ST=Karnataka, C=IN
Serial number: 12a493b8
Valid from: Mon Jun 22 14:52:24 IST 2015 until: Tue Jun 21 14:52:24 IST 2016
Certificate fingerprints:
         MD5:  2A:C7:02:22:8E:C2:8A:C2:E6:3C:95:88:A5:F0:06:37
         SHA1: 3A:CC:C7:04:9E:D9:82:84:2B:9A:FC:0C:EA:18:B9:43:4C:73:4E:6E
         SHA256: A5:D0:E8:F2:7E:09:06:1D:61:7B:F9:6F:9E:B0:4C:7F:6E:32:06:62:BD:DE:AB:49:C9:71:31:AC:67:52:CC:49
         Signature algorithm name: SHA256withRSA
         Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 18 FF C2 49 37 9C 81 39   2D C3 2B 63 54 81 E1 D9  ...I7..9-.+cT...
0010: B6 74 BE C1                                        .t..
]
]

Trust this certificate? [no]:  yes
Certificate was added to keystore


You can verify the certificate with the following command:

6. D:\Weblogic10.3.6\user_projects\domains\hgbu_domain>keytool -list -v -keystore identity.jks -storepass password

It will print the following output:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: mykey
Creation date: Jun 22, 2015
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=localhost, OU=wls, O=wls, L=Bangalore, ST=Karnataka, C=IN
Issuer: CN=localhost, OU=wls, O=wls, L=Bangalore, ST=Karnataka, C=IN
Serial number: 12a493b8
Valid from: Mon Jun 22 14:52:24 IST 2015 until: Tue Jun 21 14:52:24 IST 2016
Certificate fingerprints:
         MD5:  2A:C7:02:22:8E:C2:8A:C2:E6:3C:95:88:A5:F0:06:37
         SHA1: 3A:CC:C7:04:9E:D9:82:84:2B:9A:FC:0C:EA:18:B9:43:4C:73:4E:6E
         SHA256: A5:D0:E8:F2:7E:09:06:1D:61:7B:F9:6F:9E:B0:4C:7F:6E:32:06:62:BD:DE:AB:49:C9:71:31:AC:67:52:CC:49
         Signature algorithm name: SHA256withRSA
         Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 18 FF C2 49 37 9C 81 39   2D C3 2B 63 54 81 E1 D9  ...I7..9-.+cT...
0010: B6 74 BE C1                                        .t..
]
]
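
An added example, not part of the original post: a Python script that parses `keytool -list -v` output like the listing above and flags what you would want to know before relying on the keystore (self-signed certificate, weak signature algorithm, expiry). The function names, the 30-day warning window and the weak-algorithm list are assumptions of this example.

```python
import re
from datetime import datetime

# Sample input: the relevant lines of the `keytool -list -v` output shown above.
SAMPLE = """\
Alias name: mykey
Entry type: PrivateKeyEntry
Owner: CN=localhost, OU=wls, O=wls, L=Bangalore, ST=Karnataka, C=IN
Issuer: CN=localhost, OU=wls, O=wls, L=Bangalore, ST=Karnataka, C=IN
Valid from: Mon Jun 22 14:52:24 IST 2015 until: Tue Jun 21 14:52:24 IST 2016
         Signature algorithm name: SHA256withRSA
"""
FIELDS = {"type": "Entry type", "owner": "Owner", "issuer": "Issuer",
          "sig_alg": "Signature algorithm name"}
WEAK_SIG = re.compile(r"(MD2|MD5|SHA1)with", re.I)  # assumed policy for this example

def parse_date(text):
    # "Tue Jun 21 14:52:24 IST 2016": drop the weekday and the zone abbreviation,
    # which strptime cannot parse reliably; results are compared in whole days.
    p = text.split()
    return datetime.strptime(" ".join(p[1:4] + p[5:6]), "%b %d %H:%M:%S %Y")

def parse_entries(listing):
    """Return one dict per alias; setdefault keeps the first (leaf) certificate."""
    entries, cur = [], None
    for raw in listing.splitlines():
        line = raw.strip()
        valid = re.match(r"Valid from: (.+) until: (.+)$", line)
        if line.startswith("Alias name:"):
            cur = {"alias": line.split(":", 1)[1].strip()}
            entries.append(cur)
        elif cur is not None and valid:
            cur.setdefault("not_before", parse_date(valid.group(1)))
            cur.setdefault("not_after", parse_date(valid.group(2)))
        elif cur is not None:
            for key, label in FIELDS.items():
                if line.startswith(label + ":"):
                    cur.setdefault(key, line.split(":", 1)[1].strip())
    return entries

def audit(entry, now, warn_days=30):
    """List the findings for one keystore entry as of the date `now`."""
    findings = []
    if entry.get("owner") and entry.get("owner") == entry.get("issuer"):
        findings.append("self-signed")
    if WEAK_SIG.match(entry.get("sig_alg", "")):
        findings.append("weak-signature")
    days_left = (entry["not_after"] - now).days
    if days_left < 0:
        findings.append("expired")
    elif days_left <= warn_days:
        findings.append("expires-soon")
    return findings
```

To audit a real keystore, pass the text printed by the command in step 6 to `parse_entries` and call `audit(entry, datetime.now())` on each entry.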

Verify that the following files have been created in the domain directory: identity.jks, root.cer and trust.jks.



Log in to the WebLogic Admin console --> Environment --> Servers --> Configuration --> General, check "SSL Listen Port Enabled", set the port to 9443, and then click Save.



Click on the Keystores tab under the "Configuration" tab.
Click on the Change button next to Keystores, select "Custom Identity and Custom Trust" from the dropdown, and click Save.



Now, on the Keystores tab, select the identity keystore and truststore that you created and click Save.


---Identity---
Custom Identity Keystore : < location of the identity keystore that you have created >
NOTE : By default WLS will look for this keystore file in the domain_home location.
Custom Identity Keystore Type : jks
Custom Identity Keystore Passphrase : password
---Trust---
Custom Trust Keystore : < location of the trust keystore that you have created >
NOTE : By default WLS will look for this keystore file in the domain_home location.
Custom Trust Keystore Type : jks
Custom Trust Keystore Passphrase : password



Then go to the SSL tab and change the private key alias to the alias used when generating the key (mykey).



Now click on the "Advanced" link, check the "Use JSSE SSL" checkbox, and click Save.





Now restart the server, open the URL https://localhost:7001/console in a browser, and check that you can see the SSL certificate.




 Happy Coding :)
