First, the Environment preparation:
The 1.Weblogic comes with a JDK installation (one is JRO and the other is sun). If you generate a certificate request directly on the server, go to the bin directory of the path where the JDK is located under the WebLogic installation directory and run the Keytool command. (I am using this kind of)
2. If you need to generate a certificate request file in a different environment, you can choose to install the JDK and later upload the generated keystore file Keystore.jks to the server for configuration.
Second, run the following command (to generate the key) in the bin directory above:
Keytool-genkeypair-alias weblogicsgepit-keyalg "RSA"-keystore/home/weblogic/weblogic_identity.jks (where WEBLOGICSGEP It is a custom key alias)
After running the above command: 1. Prompt for key password and confirm key Password: admin (custom, I write admin)
2. First Name: localhost,3. Organizational unit name: abc,4. Organization name: abc,5. City: beijing,6: Provinces and Cities: Beijing, 7. Country code: CN (can be customized above)
3. Follow the instructions below, and after the operation is complete, you will find that the WEBLOGIC_IDENTITY.JKS is generated under/home/weblogic/.
Iii. Enter a command to generate a certificate issuance request *.pem file (private key)
Keytool-certreq-v-alias weblogicsgepit-file/home/weblogic/cert_request.pem-keypass Admin-storepass admin-keystore /home/weblogic/weblogic_identity.jks (where admin is the password set in the previous step)
Four, after the carriage return, under/home/weblogic you will find that two files have been generated, copy the generated weblogic_identity.jks and Cert_request.pem files to the Base_domain folder of WebLogic, Copy these two files to Base_domain (Base_domain refers to the WebLogic instance root that you created, not necessarily called base_domain) file.
V. Start the WebLogic, enter the management console, configure the key library information,
1. Key Library: Choose custom identity and custom Trust (translation: Custom identity and custom trusts)
2. Custom Identity Key Library: Weblogic_identity.jks
3. Custom Identity KeyStore Type: JKS
4. Custom Identity KeyStore Passphrase: admin
5. Confirm Custom Identity KeyStore Passphrase: admin
6. Custom Trust KeyStore: Weblogic_identity.jks
7. Custom Trust KeyStore Type: JKS
8. Custom Trust KeyStore Passphrase: admin
9. Confirm Custom Trust KeyStore Passphrase: admin
VI. Configuring SSL information, 1_6:
Select the SSL tab and enter the appropriate information.
SSL tab
Identity and trust location: select Keystores
Private key alias: Weblogicsgepit
Private key Passphrase: admin
Seven, start SSL monitoring
After completion, with HTTPS access will be successful, and regret because it is the work of the Intranet, can not be passed to the outside network, TMD even U-disk banned. No way my machine also did not install WebLogic, so there is no picture, make a look at it.
Finally: After the completion of the above implementation of HTTPS request, but still can be accessed with HTTP, so to configure the Web. XML, block HTTP requests, so that HTTP automatically jump to HTTPS.
<security-constraint> <web-resource-collection > <web-resource-name >ssl</ web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </ User-data-constraint> </security-constraint>
Deploy CA certificate (free) under WebLogic Service under Linux system, implement HTTPS request