To Import a Root CA Certificate into the
Application Server 2 Key Store
-
Log in as a root user to Protected Resource 2 and go to the following directory:
/usr/local/bea/jdk150_04/jre/lib/security/
-
Make a backup of cacerts.
-
Import the certificate.
# /usr/local/bea/jdk150_04/bin/keytool -import -trustcacerts -alias OpenSSLTestCA -file /export/software/ca.cer -keystore / usr/local/bea/jdk150_04/jre/lib/security/cacerts -storepass changeit Owner: EMAILADDRESS=nobody@nowhere.com, CN=OpenSSLTestCA, OU=Sun, O=Sun, L=Santa Clara, ST=California, C=US Issuer: EMAILADDRESS=nobody@nowhere.com, CN=OpenSSLTestCA, OU=Sun, O=Sun, L=Santa Clara, ST=California, C=US Serial number: 97dba0aa26db6386 Valid from: Tue Apr 18 07:55:19 PDT 2006 until: Tue Jan 13 06:55:19 PST 2009 Certificate fingerprints: MD5: 9F:57:ED:B2:F2:88:B6:E8:0F:1E:08:72:CF:70:32:06 SHA1: 31:26:46:15:C5:12:5D:29:46:2A:60:A1:E5:9E:28:64:36:80:E4:70 Trust this certificate? [no]: yes Certificate was added to keystore
-
Verify the certificate was added to the key store.
# /usr/local/bea/jdk150_04/bin/keytool -list -keystore /usr/local/bea/jdk150_04/jre/lib/security/cacerts -storepass changeit | grep i openssl openssltestca, Oct 2, 2006, trustedCertEntry,
-
Stop Application Server 2 .
# cd /usr/local/bea/user_projects/domains/ProtectedResource-2/bin # ./stopManagedWebLogic.sh ApplicationServer-2 t3://localhost:7001
-
Stop the administration server.
# ./stopWebLogic.sh
-
Start the administration server.
# nohup ./startWebLogic.sh & # tail -f nohup.out
-
Start Application Server 2.
# nohup ./startManagedWebLogic.sh ApplicationServer-2 http://ProtectedResource-2.example.com:7001 &
- © 2010, Oracle Corporation and/or its affiliates