WebLogic Server, SSL & Keystores Configuration

WebLogic Server – SSL Configuration

In setting up the SSL configuration for your WebLogic server you need to configure your Keystores.  This is achieve typically by using WebLogic admin console, and navigating to:

Domain  Structure > Servers > server_name > Configuration > Keystores.

WebLogic Server SSL Keystores

WebLogic Keystores Property

Keystores property allows you to set the configuration rules that should be used for finding the server’s identity and trust keystores.  You the following four options for this property:

  • **** Custom Identity and Java Standard Trust: A keystore you create and the trusted CAs defined in the cacerts file in the JAVA_HOME\jre\lib\security directory.
    This is the likely option that you use for your production environments.  You create a proper identity store and get a certificated from a TCA to use.
  • *** Custom Identity and Command Line Trust: An identity keystore you create and command-line arguments that specify the location of the trust keystore.
    This option is ideal if you want to be change the trust keystore with each start-up or try to test different keystores.
  • ** Custom Identity and Custom Trust: Identity and trust keystores you create.
    This is option is suitable for production if all your users know you and trust you.
  • * Demo Identity and Demo Trust: The demonstration identity and trust keystores, located in the BEA_HOME\server\lib directory and the JDK cacerts keystore, are configured by default. Use for development only.
    This is an ideal option to checkout your application using SSL for development and testing purposes.  This allows you not to use the demo artifacts that WebLogic has provided fro you.

Depending on which value you choose from this list you may have to setup the following and dependent properties on the same page.  Your SSL configuration is not completed unless you also address all the subsequent and dependent properties.

If you are using “Demo Identity & Demo Trust” option then most of the other properties on the page are suitable should be fine as they are:

Identity > Demo Identity Keystore

Trust > Demo Trust Keystore

If you are using any custom value for the Keystores property, then you must set these sections accordingly.

 

Need more WebLogic & SSL help?

For more information and to see how eSolution Professional Services could help you and bring your team up to speed with WebLogic please contact us .  Be sure to ask about eSolution WebLogic Managed Services and see how we could help you free up your internal resources and help you focus on your core business.

Leave a Reply

Your email address will not be published.