Deploy CA certificate (free) under WebLogic Service under Linux system, implement HTTPS request

Source: Internet
Author: User

First, the Environment preparation:

The 1.Weblogic comes with a JDK installation (one is JRO and the other is sun). If you generate a certificate request directly on the server, go to the bin directory of the path where the JDK is located under the WebLogic installation directory and run the Keytool command. (I am using this kind of)

2. If you need to generate a certificate request file in a different environment, you can choose to install the JDK and later upload the generated keystore file Keystore.jks to the server for configuration.

Second, run the following command (to generate the key) in the bin directory above:

Keytool-genkeypair-alias weblogicsgepit-keyalg "RSA"-keystore/home/weblogic/weblogic_identity.jks (where WEBLOGICSGEP It is a custom key alias)

After running the above command: 1. Prompt for key password and confirm key Password: admin (custom, I write admin)

2. First Name: localhost,3. Organizational unit name: abc,4. Organization name: abc,5. City: beijing,6: Provinces and Cities: Beijing, 7. Country code: CN (can be customized above)

3. Follow the instructions below, and after the operation is complete, you will find that the WEBLOGIC_IDENTITY.JKS is generated under/home/weblogic/.

Iii. Enter a command to generate a certificate issuance request *.pem file (private key)

Keytool-certreq-v-alias weblogicsgepit-file/home/weblogic/cert_request.pem-keypass Admin-storepass admin-keystore /home/weblogic/weblogic_identity.jks (where admin is the password set in the previous step)

Four, after the carriage return, under/home/weblogic you will find that two files have been generated, copy the generated weblogic_identity.jks and Cert_request.pem files to the Base_domain folder of WebLogic, Copy these two files to Base_domain (Base_domain refers to the WebLogic instance root that you created, not necessarily called base_domain) file.

V. Start the WebLogic, enter the management console, configure the key library information,

1. Key Library: Choose custom identity and custom Trust (translation: Custom identity and custom trusts)
2. Custom Identity Key Library: Weblogic_identity.jks
3. Custom Identity KeyStore Type: JKS
4. Custom Identity KeyStore Passphrase: admin
5. Confirm Custom Identity KeyStore Passphrase: admin
6. Custom Trust KeyStore: Weblogic_identity.jks
7. Custom Trust KeyStore Type: JKS
8. Custom Trust KeyStore Passphrase: admin
9. Confirm Custom Trust KeyStore Passphrase: admin

VI. Configuring SSL information, 1_6:

Select the SSL tab and enter the appropriate information.
SSL tab
Identity and trust location: select Keystores
Private key alias: Weblogicsgepit
Private key Passphrase: admin

Seven, start SSL monitoring

After completion, with HTTPS access will be successful, and regret because it is the work of the Intranet, can not be passed to the outside network, TMD even U-disk banned. No way my machine also did not install WebLogic, so there is no picture, make a look at it.

Finally: After the completion of the above implementation of HTTPS request, but still can be accessed with HTTP, so to configure the Web. XML, block HTTP requests, so that HTTP automatically jump to HTTPS.

<security-constraint>        <web-resource-collection >               <web-resource-name >ssl</ web-resource-name>               <url-pattern>/*</url-pattern>        </web-resource-collection>                                    <user-data-constraint>               <transport-guarantee>CONFIDENTIAL</transport-guarantee>        </ User-data-constraint> </security-constraint>

  

  

Deploy CA certificate (free) under WebLogic Service under Linux system, implement HTTPS request

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.