Installing a Global ID for
BEA WebLogic Server

The certificate that you will receive from VeriSign contains two parts - a server part, and a CA part. These will be clearly marked in the certificate that you will receive.

  • Installing the Global Server Certificate
  • Installing the Intermediate CA Certificate
  • Installing the Global Server Certificate
    1. Open a text editor window and create a new file to hold your certificate. You can name the file anything, but it must have a .pem extension. For example, you could name it "GlobalCert.pem".
    2. Return to the email and copy the certificate marked as the SERVER CERT including the two lines labeled "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" into your editor.
    3. Save the Certificate File in the WebLogic Server installation directory, which is usually c:/weblogic on Windows NT.
    4. In your text editor, open the weblogic.properties file, which is also in your WebLogic Server installation directory. Look the string "weblogic.security.certificate.server". This is the first of the Server certificate entries in the properties file. Set this property, and the weblogic.security.key.server property which follows it, to the names of the Global Certificate file you created in the previous step, and the key file you created when you generated the Certificate Signature Request. Your properties should look like this:
      weblogic.security.certificate.server=global_certificate_file
      weblogic.security.key.server=globalKey.der

    Installing the Intermediate CA Certificate
    1. Add a new property to your weblogic.properties file beneath the weblogic.security.key.server property:
      weblogic.security.certificate.authority=globalIntermediate.pem
    2. Save the weblogic.properties file.
    3. Create a new file in the WebLogic installation directory and name it globalIntermediate.pem.
    4. Return to the email, select the Intermediate CA link and copy the root certificate information, including the two lines labeled "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" into the globalIntermediate.pem file. Save this file.

    Make Sure Your Customers are Using the Proper Versions of the browsers. As we noted before you enrolled for the Global Server ID, these IDs do not work with the older versions of Microsoft and Netscape Browsers. Global Server IDs will work with the following browsers:
    • Netscape Navigator 4.0 or later
    • Microsoft Internet Explorer 4.0 or later
    • Microsoft Internet Explorer 3.02 on Windows NT
    If your users are using Microsoft Internet Explorer 3.02 on Windows 95 they will need to install a special, free patch, called English Exportable SGC Add-On for IE 3.02, available at http://microsoft.com/msdownload/ieplatform/iewin95/05000.htm

    If your users are using Netscape Navigator 3.0, they will only be able to connect to your site at 40 bit encryption levels.
    Navigator prior to 3.0 or Internet Explorer prior to 3.02 will not work with Global Server IDs. Please provide proper notice to your customers.