Import Certificate PFX to Weblogic

Posted: August 5, 2015 in Other

http://www.oracle.com/au/products/database/pfx-pem-certificate-formats-092744.html

http://docs.oracle.com/cd/E28280_01/web.1111/e13707/ssl.htm#SECMG390

1. Fist you must convert *.pfx to *.pem, example name file MYCERTS.pfx to MYCERTS.pem

Tools convert *.pfx to *.pem https://www.sslshopper.com/ssl-converter.html

Certificate *.pem have file below :

· Private key

· Identity certificate

· Root certificate

· Intermediate certificate

Note :

I use geotrust certificate, when export not have identity certificate, only have Private key and intermediate certificate. For root certificate I download https://www.geotrust.com/resources/root-certificates/

2. Creating the Trust Java Key Store

Open MYCERTS.pem , create new file notepad and copy and paste Root Certificate and save with name my_key_root.pem

—–BEGIN CERTIFICATE—–

—–END CERTIFICATE—–

Use the Java key tool utility and import the above my_key_root.pem file to a JKS file:

keytool -import -trustcacerts -file "C:my_key_root.pem" -alias my_key_root -keystore my_key_trust.jks -storepass <Keystore Passphrase>

clip_image002

clip_image004

3. Creating the Identity Java Key Store

Open MYCERTS.pem , create new file notepad and copy and paste Private Key and save with name my_key_pk.pem

—–BEGIN PRIVATE KEY—–

—–END PRIVATE KEY—–

Now set the WebLogic environment and run following command:

Open Command Dos Prompt(cmd) :

C:UsersAdministrator>cd "C:OracleMiddlewareuser_projectsdomainsbrokapptestbin"

C:OracleMiddlewareuser_projectsdomainsbrokapptestbin>setDomainEnv.cmd

clip_image006

java utils.ImportPrivateKey -keystore my_key_identity.jks -storepass <Keystore Passphrase> -storetype JKS -keyp

ass <Keystore Passphrase> -alias my_key_identity -certfile "C:Certmy_key_crt.pem" -keyfile "C:Certmy_key_pk.pem" -keyfilepass <Keystore Passphrase>

clip_image008

clip_image010

4. Enable SSL on Weblogic

clip_image012

clip_image014

Keystores Identity

C:OracleMiddlewareuser_projectsdomainsbrokapptestmy_key_identity.jks

Keystores Trust

C:Javajdk1.7.0_71binmy_key_trust.jks

clip_image016

Save and Active Changes

5. Try to access Weblogic with HTTPS

clip_image018

 

CMIIW, Thanks Smile

Leave a Reply

Your email address will not be published. Required fields are marked *