Last updated on JUNE 13, 2017
Applies to:Oracle WebLogic Server - Version 9.0 to 10.3.6
Information in this document applies to any platform.
WebLogic Server (WLS) is configured by default with Demo Identity and Demo Trust. To use these, we just need to enable the SSL port under the General Tab of the server, and WLS will start listening over SSL on that port.
However, using these demo certificates is not recommended in a production environment because they do not provide adequate security. Instead of using the demo certificates, we can either get our certificates signed by a third-party certifying authority or use self-signed certificates (use our own root ca which we can use to sign our own certificates).
To generate the certificates, we need to use keytool. Keytool is a standard java keystore utility. This is included with the Java SE JDK as well as the JRockit JDK.
For more information, please see the Keytool documentation.
A keystore is a database of key material. Key material is used for a variety of purposes, including authentication and data integrity. There are various types of keystores available, including "PKCS12" and Java's "JKS." There are two types of keystores: identity keystores and trust keystores. An identity keystore contains the server's private key and is therefore referred to as the identity. This keystore can contain more than one private key. A trust keystore contains the root and intermediate certificates which are trusted by the server.
In this document, we will look at the steps that need to be implemented to configure SSL using custom certificates through a JKS type of keystore.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms