Ask a Question

Solution ID : SO15209

Last Modified : 05/02/2018

Install a QuickSSL certificate on BEA Weblogic 9.0

Problem

How do I install a QuickSSL certificate on a BEA Weblogic server 9.0
How to install a QuickSSL certificate on BEA Weblogic 9.0

Solution

To install your QuickSSL certificate on a BEA Weblogic 9.0 server, perform the following steps:
 
This document provides instructions for installing your SSL certificate. If you are unable to use these instructions for your server, we recommend that you contact either the vendor of your software or an organization that supports BEA Weblogic.


Step 1. Download your certificate
 
  1. You will receive an email when your certificate is issued.

  2. You require your certificate in PKCS#7 format, to download your certificate as per the instruction on the following solution:
     
    • GeoTrust Security Center, refer to solution SO22158
    • GeoTrust Enterprise Security Center, refer to solution SO21128
    • GeoTrust User Portal (e.g., certificate purchased through Retail or Partners), refer to solution SO15168
 
Step 2. Install your certificate
 
Import the certificate into the keystore you created using the following command: 
 
keytool -import -alias [keyEntry_friendly_name] -file certificate.p7b -keystore [keystore_friendly_name] -trustcacerts
 
 
Step 3. Configure the Identity and Trust keystores for WebLogic Server
 
  1. Expand the Servers node. 
     
  2. Select the name of the server for which you want to configure keystores.
     
  3. Select the button 'Keystores and SSL tab' to configure the keystore for the domain. 
     
  4. By default, WebLogic ships with demo certificates for testing purposes. Click the 'Change' link in the upper-right portion of the configuration items. This will display the drop-down list of options for configuration. 
     
  5. Choose 'Custom Identity and Java Standard Trust' from the list. 
     
  6. Specify the identity keystore information.
     
    [Custom identity]
     
    Custom Identity key store file Name: c:\where\my\keystore\is\located\mykeystore.keystore (The fully qualified path to your keystore)
    Custom Identity key Store Type: jks (Generally, this attribute is jks)
    Custom Identity key Store Pass Phrase: keystore_password (The password defined when creating the keystore)
    Confirm Customer Identity key Store Pass Phrase: Keystore_password (The password defined when creating the keystore)
     
    [Java Standard Trust]

    Java standard Trust Key Store Pass Phrase: changeit (unless your system admin changed it the password for the cacerts keystore is "changeit")
    Confirm Java Standard Trust Key Store Pass Phrase: changeit (unless your system admin changed it the password for the cacerts keystore is "changeit")
    Click 'continue'

    [Review SSL Private Key Settings]

    Private key Alias: keyEntry_friendly_name (the alias is the friendly name for your keyEntry (private key), if you do not remember it please run the following command on your keystore to confirm the alias: keytool -list -keystore [keystore_friendly_name] -v)
    Passphrase: keyEntry_password (specify the keyEntry (private key) password. The password for the private key may differ from the one for the keystore)
    Confirm Passphrase: keyEntry_password (specify the keyEntry (private key) password. The password for the private key may differ from the one for the keystore)
     
  7. Click 'continue'
     
  8. Click Finish.
     
  9. Reboot WebLogic Server.
     
Step 4:  Verify certificate installation
  1. To verify if your certificate is installed correctly, use the GeoTrust Installation Checker