Thursday, August 30, 2012

Config SSL for WebLogic

I'm not a JAVA developer at all. I just helped my colleague finished this configuration.

Suppose you have 3 necessary files already:
<privkey.pem>: private key
<COMPANY.com.crt>: certification
<gd_bundle.crt>: rootCA


### Generate Identify.jks ###
openssl pkcs8 -topk8 -nocrypt -in privkey.pem -inform PEM -out key.der -outform DER
openssl x509 -in COMPANY.com.crt  -inform PEM -out cert.der -outform DER

javac ImportKey.java
java ImportKey key.der cert.der
keytool -import -file gd_bundle.crt -alias -trustcacerts -keystore keystore.ImportKey -storepass importkey

you can change the generated file <keystore.ImportKey> as xxx.jks if you like

[Verify]
keytool -v -list -keystore keystore.ImportKey -storepass importkey 


### Generate Trusts.jks ###
keytool -import -v -trustcacerts -alias importkey -file gd_bundle.crt -keystore bundle.jks  -storepass importkey


### Config weblogic ###
Enter WebLogic admin conosole
indicate these 2 JKS files in "Keystore" tab.
finger out password in "SSL" tab.


### Verify ###
Domain name should be *.COMPANY.com, otherwise, your browser will give a warning.

4 comments:

  1. Hi FeiFan,

    I have read your topic which introduce how can build the hadoop eclipse plug-in for CDH3. And It is work well. Thank you for your sharing. BTW, Can I ask you a question, where are you from ? China ?

    Regards,
    Minzhi Qi

    ReplyDelete
    Replies
    1. ah, yes, from Nantong, China, living in sillicon valley now.

      Delete
    2. I am living in beijing now, and working for Oracle China. I have an admiration for that you are so many familiar with WebLogic, Hadoop, and lots knowledge.

      I know a little about Natong, but I have gone to Wuxi, Nanjing, Yangzhou of Jiansu province.

      Delete
    3. ... Actually, python & Cpp are my primary working tools :)
      Nice to meet you, Mr Oracle.

      Delete