Secure Sockets Layer (SSL) plays a very important role in protecting sensitive data that is accessed over a network.
WebLogic Server supports a dedicated SSL listen port, which defaults to 7002.
To establish an SSL connection, a Web browser connects to WebLogic Server by supplying the SSL listen port and the HTTPS protocol in the connection URL.
Ex:
https://<servername>:7002
This post covers procuring the certificate, installing it and configuring it on the WebLogic Server.
1: Generating and procuring the certificate:
Open a command prompt and set the environment by running the setDomainEnv script.
Generate the private/public key pair:
keytool -genkey -alias client -keyalg RSA -keysize 2048 -keystore identity.jks -storepass <password> -keypass <password>
Generate a Certificate Signing Request (CSR) and send it to the Certifying Authority:
keytool -certreq -keyalg RSA -keysize 2048 -alias client -file certreq.csr -keystore identity.jks -storepass password
Import the certificates into the keystore. This can be done in two ways:
- Import the certificates in order: RootCA, intermediateCA and then the certificate reply.
- Create a certificate chain by combining them in order into a .pem file.
Import the chain into the identity keystore under the same alias as the private key (client), so that it replaces the existing certificate for that key:
keytool -import -file CertChain.pem -alias client -keystore identity.jks -storepass password
Import your RootCA certificate into a second keystore, which serves as the trust keystore:
keytool -import -file rootCA.cer -alias RootCA -keystore trust.jks -storepass password
To verify the contents of a keystore, use the command below:
keytool -list -v -keystore <keystore-name> -storepass <keystore-password>
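The whole flow above can be rehearsed offline before involving a real Certifying Authority. The script below is an added example, not part of the original post: it uses the first import method (RootCA, then the certificate reply) and checks that the key entry ends up with a two-certificate chain. The throwaway CA in ca.jks, the DNs, the file name reply.cer and the password changeit are all constructed for the demo.

```shell
#!/bin/sh
# Added example: the keytool flow from this page, run against a throwaway CA.
# Constructed for the demo: password, DNs, ca.jks, reply.cer.
PW=changeit   # demo only; real passwords should not be typed on the command line

build_keystores() {   # usage: build_keystores <empty-dir>
  d=$1
  # Stand-in for the Certifying Authority: a self-signed root kept in ca.jks
  keytool -genkey -alias rootca -keyalg RSA -keysize 2048 -dname "CN=Demo Root CA" \
    -ext bc=ca:true -keystore "$d/ca.jks" -storepass "$PW" -keypass "$PW" || return 1
  keytool -export -rfc -alias rootca -file "$d/rootCA.cer" \
    -keystore "$d/ca.jks" -storepass "$PW" || return 1

  # 1. Private/public key pair in the identity keystore (self-signed for now)
  keytool -genkey -alias client -keyalg RSA -keysize 2048 -dname "CN=wls.example.test" \
    -keystore "$d/identity.jks" -storepass "$PW" -keypass "$PW" || return 1
  # 2. CSR for that key
  keytool -certreq -alias client -file "$d/certreq.csr" \
    -keystore "$d/identity.jks" -storepass "$PW" || return 1
  # (CA side) sign the CSR; a real CA does this and sends back the reply
  keytool -gencert -rfc -alias rootca -infile "$d/certreq.csr" \
    -outfile "$d/reply.cer" -keystore "$d/ca.jks" -storepass "$PW" || return 1

  # 3. Import in order: RootCA first, then the reply under the key's own alias.
  #    With the root already present, keytool can build the chain without prompting.
  keytool -import -noprompt -alias RootCA -file "$d/rootCA.cer" \
    -keystore "$d/identity.jks" -storepass "$PW" || return 1
  keytool -import -noprompt -alias client -file "$d/reply.cer" \
    -keystore "$d/identity.jks" -storepass "$PW" || return 1
  # 4. Separate trust keystore holding only the RootCA certificate
  keytool -import -noprompt -alias RootCA -file "$d/rootCA.cer" \
    -keystore "$d/trust.jks" -storepass "$PW" || return 1
}

# Print the chain length keytool reports for a key entry.
# 1 means the entry is still self-signed, i.e. the reply was never installed.
chain_length() {   # usage: chain_length <keystore> <alias>
  keytool -J-Duser.language=en -list -v -alias "$2" -keystore "$1" -storepass "$PW" |
    sed -n 's/^Certificate chain length: *//p'
}
```

A chain length of 1 for the client alias after the import means the reply went in as a separate trusted certificate or under the wrong alias, and the server would still present the self-signed certificate.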