Sep 262012
 

Below three steps are needed to configure WebLogic (10.3.X) in Fusion Middleware 11g

Step 1: Create a Java Keystore which contains an SSL Certificate.
Step 2: Configure WebLogic Server for SSL
Step 3: Test you can access Weblogic via SSL or NOT

Step 1. Create a Java Keystore which contains an SSL Certificate
——————————————————————————

1. Follow How To Create a Java Keystore via Keytool in Fusion Middleware

Make note of the -alias <alias> parameter, the keystore path and filename, and keystore passwords as they will be used in Step 2 here.

Step 2: Configure WebLogic Server for SSL

The steps below will show steps on configuring SSL for weblogic Managed Server.

1. Start the Admin Server in the Domain

2. Login to the WLS console e.g: http://weblogic.us.techpaste.com:7001/console

3. Select ‘Environment’ -> ‘Servers’ and click on the server you want to configure

4. Select the ‘Keystores’ tab

5. Select ‘Keystore -> ‘Change’

6.Select ‘Custom Identity and Custome Trust’from the drop down list and click ‘Save’

7. Enter the relevant information in the Keystores page:

‘Custom Identity Keystore’ : <path_to_keystore> e.g $MIDDLEWARE/keystores/keystore.jks
‘Custom Identity Keystore’ : JKS (Note: This has to be UPPERCASE)
‘Custom Identity Keystore Passphrase’ : <storepass_pwd> e.g: welcome
‘Confirm Custom Identity Keystore Passphrase’ : <storepass_pwd> e.g: welcome
‘Custom Trust Keystore’ : <path_to_keystore> e.g $MIDDLEWARE/keystores/keystore.jks
‘Custom Trust Keystore Type’ : JKS (Note: This has to be UPPERCASE)
‘Custom Trust Keystore Passphrase’ : <storepass_pwd> e.g: welcome
‘Confirm Custom Trust Keystore Passphrase’ : <storepass_pwd> e.g: welcome
Click ‘Save’

8. Select the ‘SSL’ tab and enter the relevant information:

‘Private Key Alias’ : <alias_given_when_creating_key> e.g server_cert
‘Private Key Password’ : <keypass_pwd> e.g welcome
‘Confirm Private Key Password’: <keypass_pwd> e.g welcome
Click ‘Save’

9. Select ‘Environment’ -> ‘Servers’ and click on the Managed Server configured

10. In the ‘General’ tab:

Check ‘SSL Listen Port Enabled’
‘SSL Listen Port’ : <port> e.g 7012 (make sure this is not used by another process)
Click ‘Save’

11. Start the Server. If the server is running successfuly you shall see the following in the standard out or the Managed Server log file:

<Notice> <Server> <BEA-002613> <Channel “DefaultSecure” is now listening on X.X.X.X:7012 for protocols iiops, t3s, ldaps, https.>

Step 3: Test you can access Weblogic via SSL

1. Access Weblogic via SSL e.g: https://weblogic.us.techpaste.com:7012/<uri>

 

Leave a Reply