How to configure SSL certificate on WebLogic server
In this section, we walk through how to configure SSL certificate on WebLogic servers.
- Identity and Trust Keystore Certificates
- Passphrase of Identity and Trust Keystore
Note: A root certificate is required for a production installation. For this demo configuration, I have used self-signed certificates as shown below. Click on Create self-signed SSL certificate to create your certificates.
Configure SSL certificate on WebLogic Server
1. Open the setDomain.sh file in MW_HOME\user_projects\domains\<DOMAIN_HOME>\bin and search for the following text -Djavax.net.ssl.trustStore. Replace the value with your TrustKeystore certificate like below
2. Login into WebLogic console, click on the server where you deployed your application.
3. Click on the General tab and enable the SSL Listen Port Enabled. Enter an SSL Listen Port
4. Click on HTTP under PROTOCOLS tab. Enter the frontend HOST, Frontend HTTP Port and Frontend HTTPS Port of the server you selected
- Enter the fully qualified domain name on all the host parameters
5. Click on the KeyStores tab. Enter the Identity store and Trust Store information.
- My Identity Store location: <DOMAN_HOME>\certificates\keystore.jks
- My Trust Store location: <DOMAN_HOME>\certificates\truststore.jks
- This Identity Keystore Passphrase and Trust Keystore certificates are getting from the person who created the SSL certificates
6. Select the SSL tab and Input Private Key Alias, Private Key Passphrase and Confirm Private Key Passphrase
- This information you get it from the person who created the SSL certificates
7. Repeat the step 1 to 6 to all other servers in your domain.
8. Restart the Admin and Managed servers. We are done with configuring SSL certificate on WebLogic
Test the SSL
I deployed a sample application on the managed server. /p6 is the context path of the application. Let’s invoke the p6 over SSL port number. The SSL port number is mentioned in STEP-3.
Because we used Self Signed certificate the page look like below. Expand the Advanced and click proceed to localhost
The page redirect to the below
The views expressed on this blog are my personal views and do not necessarily reflect the views of my employer.
Please feeling free to reach me on any comments and feedbacks you have. Would be more than glad to listen and reply 🙂