4 Configure Identity and Trust Stores for Weblogic

This topic provides the information to configure Identity and Trust Stores for Weblogic.

• Enable SSL on Oracle WebLogic Server
  This topic provides the systematic instructions to enable the SSL on Oracle WebLogic Server.
• Configure Identity and Trust Stores
  This topic provides the systematic instructions to configure the identity and trust store for WebLogic.

4.1 Enable SSL on Oracle WebLogic Server

This topic provides the systematic instructions to enable the SSL on Oracle WebLogic Server.

Login to the Oracle WebLogic Admin Console to configure SSL.

1. Under Change Center, click Lock & Edit.
2. Expand Servers node.
3. Select the name of the server for which you want to enable SSL.
   Example: example server
4. Navigate to Configuration and select General tab.
5. Select the SSL Listen Port Enabled option and specify the SSL listen port.
6. In Listen Address field, specify the hostname of the machine in which the application server is installed.

4.2 Configure Identity and Trust Stores

This topic provides the systematic instructions to configure the identity and trust store for WebLogic.

Login in to the Oracle WebLogic Admin Console.

1. Under Change Center, click Lock & Edit.
2. Expand Servers node.
3. Select the name of the server to configure the keystores.
   Example: exampleserver
4. Go to Configuration and select Keystores tab.
5. In the filed Keystores, select the method for storing and managing private keys/digital certificate pairs and trusted CA certificates.
   This choice should match the one made in Choose the Identity and Trust Stores section of this document.
6. In the Identity section, provide the following details:
   • Custom Identity Keystore File Name: Fully qualified path to the Identity keystore.
   • Custom Identity Keystore Type: Set this attribute to JKS, the type of the keystore. If left blank, it is defaulted to JKS (Java KeyStore).
   • Custom Identity Keystore PassPhrase: The password you enter when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase in order to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic server only reads from the keystore. So whether or not you define this property depends on the requirements of the keystore.
7. In the Trust section, provide the following details:

   If the user choose Java Standard Trust, specify the password used to access the trust store.

   If the user choose Custom Trust, the following attributes have to be provided:

   • Custom Trust Keystore: The fully qualified path to the trust keystore.
   • Custom Trust Keystore Type: Set this attribute to JKS, the type of the keystore. If left blank, it defaults to JKS (Java KeyStore).
   • Custom Trust Keystore Passphrase: The password you enter when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase in order to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic

   Server only reads from the keystore. So, whether or not you define this property depends on the requirements of the keystore.

   Note:

   If the identity and trust stores are in the JKS format, the passphrases are not required.