Reputation: 1200
How to use certificates from weblogic realm keystores inside web application?
I'm doing some security operations involving certificates in my web application and I would like administrators to manage those certificates (including password etc.) via standard weblogic console. However I don't know how to obtain certificates set in weblogic in web application running in that weblogic. Is it even supported feature? Is it possible to connect it with standard java cryptographic api?
Upvotes: 0
Views: 939
Answers (2)
Reputation: 48
In Weblogic, There is one Mbean with name com.oracle.jps:type=JpsKeyStore. You can check the operations to find one to fulfill you requirements. I think in most of the cases, you can find one.
Upvotes: 1
Reputation: 307
There are 3 ways to update KeyStores in weblogic(Admin console, WLST online, WLST offline).
Admin console
Environment--> servers--> 'your server' --> KeyStores , Then update the related parameters
WLST offline(Script Mode)
readDomain(domainDir)
cd("/Servers/" + msName)
set("KeyStores", "CustomIdentityAndCustomTrust")
set("CustomIdentityKeyStoreFileName", identKeystoreFile)
set("CustomIdentityKeyStorePassPhraseEncrypted", identKeystoreKSPass)
set("CustomTrustKeyStoreFileName", trustKeystoreFile)
set("CustomTrustKeyStorePassPhraseEncrypted", trustKeystoreKSPass)
updateDomain()
exit()
WLST online(Script Mode)
connect(username,password,"t3://localhost:7001")
cd("/Servers/" + msName)
set("KeyStores", "CustomIdentityAndCustomTrust")
set("CustomIdentityKeyStoreFileName", identKeystoreFile)
set("CustomIdentityKeyStorePassPhraseEncrypted", encrypt(inp_identKeystoreKSPass))
set("CustomTrustKeyStoreFileName", inp_trustKeystoreFile)
set("CustomTrustKeyStorePassPhraseEncrypted", encrypt(inp_trustKeystoreKSPass))
save()
activate()
WLST online(Embedded Mode)
InteractiveInterpreter interpreter = new WLSTInterpreter();
StringBuffer buffer = new StringBuffer();
buffer.append("connect('weblogic','weblogic','t3://localhost:7001')\n");
buffer.append("cd('/Servers/' + msName)\n");
buffer.append("set('KeyStores', 'CustomIdentityAndCustomTrust')\n");
buffer.append("set('CustomIdentityKeyStoreFileName', identKeystoreFile)\n");
buffer.append("set('CustomIdentityKeyStorePassPhraseEncrypted', encrypt(inp_identKeystoreKSPass))\n");
buffer.append("set('CustomTrustKeyStoreFileName', inp_trustKeystoreFile)\n");
buffer.append("set('CustomTrustKeyStorePassPhraseEncrypted', encrypt(inp_trustKeystoreKSPass))\n");
buffer.append("save()\n");
buffer.append("activate()");
interpreter.exec(buffer.toString());
Upvotes: 1
Related Questions
- It is possible that a weblogic ssl communication accept all certificates?
- Add certificate in websphere local truststore; Programmatically
- WebLogic 8.1 two-way SSL authentication on a web app full example?
- Client Certificate using Weblogic
- ssl weblogic with identity keystore
- Mutual authentication using pkcs12 certificate in java client with weblogic server
- weblogic ssl with custom truststore
- How do I install a certificate in the trusted certificates keystore within WebSphere?
- Setting up Security Realm in Weblogic 10.3
- weblogic as ssl client (single side auth)