Configure Identity and Trust Stores for Weblogic

4 Configure Identity and Trust Stores for Weblogic

This topic provides the information to configure Identity and Trust Stores for Weblogic.

To configure the identity and trust stores, follow the steps given below:

To enable SSL on Oracle Weblogic Server:
1. On the Homepage, under the Change Center panel, click the Lock & Edit button.
2. Expand Servers node.
3. Select the name of the server that wants to enable SSL.
  For example - exampleserver
4. Navigate to Configuration and select General tab.
5. Select the option SSL Listen Port Enabled and specify the SSL listen port.
6. In the Listen Address field, specify the hostname of the machine in which the application server is installed.

To configure identity and trust stores

On the Homepage, under the Change Center panel, click the Lock & Edit button.
Expand Servers node.
Select the name of the server that wants to configure the keystores.
For example - exampleserver
Navigate to Configuration and select Keystores tab.
In the filed Keystores, select the method for storing and managing private keys/digital certificate pairs and trusted CA certificates. This choice should match the one made in Section 2 of this document (Choosing the Identity and Trust Stores).

In the Identity section, provide the following details:

Table 4-1 Identity Section - Field Description

Attribute	Description
Custom Identity Keystore File Name	Fully qualified path to the Identity keystore.
Custom Identity Keystore Type	Set this attribute to JKS (Java KeyStore), the type of the keystore. If the field is kept blank, it defaults to JKS.
Custom Identity Keystore PassPhrase	Enter the password when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic Server only reads from the keystore. So, whether or not define this property depends on the requirements of the keystore.

Attribute

Description

Custom Identity Keystore File Name

Fully qualified path to the Identity keystore.

Custom Identity Keystore Type

Set this attribute to JKS (Java KeyStore), the type of the keystore. If the field is kept blank, it defaults to JKS.

Custom Identity Keystore PassPhrase

Enter the password when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase to write to the keystore. However, some keystores do not require the passphrase to read from the keystore.

Oracle Weblogic Server only reads from the keystore. So, whether or not define this property depends on the requirements of the keystore.

Note:

When the identity and trust stores are of the JKS format, the passphrases are not required.

In the Trust section, provide the following details:

If the Java Standard Trust is selected, specify the password used to access the trust store.

If the Custom Trust is selected, the following attributes have to be provided:

Table 4-2 Custom Trust - Field Description

Attribute	Description
Custom Trust Keystore	The fully qualified path to the trust keystore.
Custom Trust Keystore Type	Set this attribute to JKS, the type of the keystore. If the filed is kept blank, it defaults to JKS.
Custom Trust Keystore Passphrase	Enter the password when reading or writing to the keystore. This attribute is optional or required depending on the type of keystore. All keystores require the passphrase to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. Oracle Weblogic.

The server only reads from the keystore. Hence, whether or not you define this property depends on the requirements of the keystore.

Note:

When the identity and trust stores are of the JKS format, the passphrases are not required.