Thursday, 8 February 2018

Configuring SSL on WebLogic Server – Custom Identity and Custom Trust

Secure Sockets Layer (SSL) plays an important role in protecting sensitive data as it is accessed over a network.
WebLogic Server supports a dedicated SSL listen port, which defaults to 7002.

To establish an SSL connection, a Web browser connects to WebLogic Server by supplying the SSL listen port and the HTTPS protocol in the connection URL.

Ex: https://<servername>:7002.

The steps cover procuring the certificate, installing it, and configuring it on WebLogic Server.

1: Generating and procuring the certificate:
Open a command prompt and set the environment by running the setDomainEnv script.
Generate the private/public key pair:

keytool -genkey -alias client -keyalg RSA -keysize 2048 -keystore identity.jks -storepass <password> -keypass <password>
Generate a Certificate Signing Request (CSR) and send it to the Certifying Authority:

keytool -certreq -keyalg RSA -keysize 2048 -alias client -file certreq.csr -keystore identity.jks -storepass password
Import the certificates into the keystore. This can be done in two ways:

  • Import the certificates individually, in the order RootCA, intermediateCA and then the certificate reply.
  • Create a certificate chain by combining them, in order, into a .pem file.
Import the chain into the identity keystore, overriding the private key alias:

keytool -import -file CertChain.pem -alias client -keystore identity.jks -storepass password
Import your RootCA certificate into another keystore, which constitutes the trust:
keytool -import -file rootCA.cer -alias RootCA -keystore trust.jks -storepass password
To verify the contents of the keystore, use the command below:
keytool -list -v -keystore <keystore-name> -storepass <keystore-password>
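
The verification step above can be scripted so that a missed or misplaced import is caught before the keystore is handed to WebLogic. The following is an added example, not part of the original post: check_identity_entry is a hypothetical helper, the status words it prints are its own, and the sample listings are constructed. It checks that the alias is still a PrivateKeyEntry and that the CA reply actually replaced the self-signed certificate.

```shell
# Added example (hypothetical helper; status words are this example's own).
# Reads `keytool -list -v` output on stdin and classifies one alias:
#   ok:<n>           PrivateKeyEntry with an n-certificate chain
#   unsigned         PrivateKeyEntry still holding only its self-signed cert
#   not-private-key / missing   wrong entry type / alias absent
check_identity_entry() {
    awk -v want="$1" '
        /^Alias name: /  { cur = substr($0, 13); if (cur == want) seen = 1 }
        cur != want      { next }
        /^Entry type: /  { type = substr($0, 13) }
        /^Certificate chain length: / { len = $NF }
        /^Owner: /  && owner == ""    { owner = substr($0, 8) }
        /^Issuer: / && issuer == ""   { issuer = substr($0, 9) }
        END {
            if (!seen)                               print "missing"
            else if (type != "PrivateKeyEntry")      print "not-private-key"
            else if (len + 0 < 2 && owner == issuer) print "unsigned"
            else                                     print "ok:" len
        }'
}

# Constructed sample listings (trimmed; not from a real keystore).
sample_signed() { cat <<'EOF'
Alias name: client
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:
Owner: CN=server.example.test
Issuer: CN=Example Intermediate CA
EOF
}
sample_selfsigned() { cat <<'EOF'
Alias name: client
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=server.example.test
Issuer: CN=server.example.test
EOF
}
sample_trust() { cat <<'EOF'
Alias name: rootca
Entry type: trustedCertEntry
Owner: CN=Example Root CA
Issuer: CN=Example Root CA
EOF
}
# Real use: keytool -list -v -keystore identity.jks -storepass <password> | check_identity_entry client
```

A result of "unsigned" means the CA reply was never imported over the "client" alias; "not-private-key" on the identity keystore means the certificate was imported as a trusted entry rather than onto the key pair.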
