Okay, development is done, application deployed, but wait i need to ensure data is encrypted between users browser and my weblogic server. So how to do that?
Step 1. Generate a private keystore and private key
Step 5. Configure weblogic server keystore and SSL
Your Server > Configuration > Keystores
Change the Keystores to Custom Identity and Custom Trust, and then put the Keystore details as you have created before. Keystore type is JKS.
Save.
Step 1. Generate a private keystore and private key
Example ./keytool -genkey -alias myalias -keyalg RSA -keysize 2048 -keystore mykeystore.jks
Step 2. Generate a CSR which we'll send to Certificate Authority
Example ./keytool -certreq -alias myalias -file mycertrequest.csr -keystore mykeystore.jks
Note: When generating a CSR, enter the domain of your website (i.e. www.mysite.com) in the "first- and lastname" field.
Step 3. Most of the Certificate Authority today uses Intermediate Certificate, so we need to import it to our trusted keystore
Example ./keytool -import -alias rootca -keystore mytrustkeystore.jks -trustcacerts -file intermediateCA.cer
Step 4. After receiving the certificate from Certificate Authority, import it into private key store (the initial keystore used to send the CSR)
Example ./keytool -import -alias myalias -keystore mykeystore.jks -trustcacerts -file sslcertfromca.cer
You can view the contents of keystore using below command:
./keytool -list -v -keystore mykeystore.jks -storepass mypassword
Step 5. Configure weblogic server keystore and SSL
Your Server > Configuration > Keystores
Change the Keystores to Custom Identity and Custom Trust, and then put the Keystore details as you have created before. Keystore type is JKS.
Your Server > Configuration > SSL
Put the alias that you have created before and password.
After completing above steps, restart weblogic server and don't forget to enable SSL port. Now you should be able to access your application with https.
No comments:
Post a Comment