BEA Weblogic Server SSL Installation Instructions
Create The PEM File
The easiest way to import a chained certificate (one with an intermediate certificate) into Weblogic is to included all the certificates in a text file with a .pem extension and import it. Once you have downloaded your certificate from your certificate authority, open all the files in a text editor. Copy and paste any intermediate and root certificates right below your primary certificate in the following order: Primary Certificate > Intermediate Certificate > Root Certificate. Save the file with a .pem extension (i.e myCertificate.pem) The file should look like this when finished:
-----BEGIN CERTIFICATE-----
(Primary SSL certificate)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Intermediate certificate)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Root certificate)
-----END CERTIFICATE-----
Import and Install the Certificate
- Using the java keytool command line utility, import the pem file you created above using the following command:
keytool -import -alias tomcat -keystore /path_to_keystore/mykeystore -file myCertificate.pemThe command should be typed on one line. This command imports the certificate into the keystore named mykeystore in the working directory. Your keystore path and name may be different. - Noe open the WebLogic Server Console and drill down to Security > Keystores > DefaultKeyStore and fill in the paths, file name, and various passwords for your private key, root CA certificate, and keystore locations.
- Restart the WebLogic server.
Useful Weblogic SSL Links
- Securing Weblogic Server
- Configure Keystores & SSL in WebLogic 8.1
- Storing Private Keys, Digital Certificates, and Trusted Certificate Authorities for Weblogic 10.
Comments