PositiveSSL Certificate Installation: BEA Systems Weblogic

BEAWeblogic CertificateInstallation Instructions

You will be receiving the following four files from comodo:

Root AddTrustExternalCARoot.crt
Intermediate CA UTNAddTrustServerCA.crt
Intermediate CA PositiveSSLCA.crt
domain/site certificate yourdomainname.crt
Or click to download the PositiveSSL Root and Intermediate files

When you receive your certificates you need to store them in the mydomaindirectory.

Note:If you obtain a private key file from a source other than the Certificate Request Generator servlet, verify that the private keyfile is in PKCS#5/PKCS#8 PEM format.

Touse a certificate chain, append the additional PEM-encoded digitalcertificates to the digital certificate that issued for the WebLogicServer (the intermediate CA certificate). The last digitalcertificate in the file chain will be the Root certificate that is self-signed. (example below:)

They must be pasted this in order,PositiveSSLCA.crt First followed by the UTNAddTrustServerCA.crt and lastly the AddTrustExternalCARoot.crt, the result will look similar to the example below (Please note: no blank line between then end of one certificate and the start of the next):
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIQTM1KmltFEyGMz5AviytRcTANBgkqhkiG9w0BAQUFADCB
lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
.....
zg5G8t6P2jt9HpOs/PQyKw+rAR+lQI/jJJkfXbKqDLnioeeSDJBLU30fKO5WPa8Y
Z0nf1R7CqJgrTEeDgUwuRMLvyGPui3tbMfYmYb95HLCpTqnJUHvi
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEhjCCA26gAwIBAgIQUkIGSk83/kNpSHqWZ/9dJzANBgkqhkiG9w0BAQUFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
.....
7uRJQ8E5fc8vlqd1XX5nZ4TlWSBAvzcivwdDtDDhQ4rNA11tuSnZhKf1YmOEhtY3
vm9nu/9iVzmdDE2yKmE9HZzvmncgoC/uGnKdsJ2/eBMnBwpgEZP1Dy7J72skg/6b
kLRLaIHQwvrgPw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
.....
IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
-----END CERTIFICATE-----

ConfigureWebLogic Server to use the SSL protocol, you need to enter the following information on the SSL tab in the Server Configurationwindow:
In the Server Certificate File Name field, enter the full directory location and name of the digital certificate for WebLogicServer.
In the Trusted CA File Name field, enter the full directory location and name of the digital certificate for Comodo who signed the digital certificate of WebLogic Server. In the Server KeyFile Name field, enter the full directory location and name of the private key file for WebLogic Server.
Use the followingcommand-line option to start WebLogic Server.-Dweblogic.management.pkpassword=password where password is the password defined when requesting the digital certificate.

Storing Private Keys and Digital Certificates
Once you have a private key and digital certificate, copy the private keyfile generated by the Certificate Request Generator servlet and the digital certificate you received into the mydomain directory. PrivateKey files and digital certificates are generated in either PEM or Definite Encoding Rules (DER) format. The filename extensionidentifies the format of the digital certificate file. A PEM (.pem)format private key file begins and ends with the following lines,respectively:

-----BEGINENCRYPTED PRIVATE KEY-----
-----END ENCRYPTED PRIVATE KEY-----
APEM (.pem) format digital certificate begins and ends with the following lines, respectively:
-----BEGINCERTIFICATE-----
-----END CERTIFICATE-----

Note:Typically, the digital certificate file for a WebLogic Server is in one file, with either a .pem or .der extension, and the WebLogicServer certificate chain is in another file. Two files are used because different WebLogic Servers may share the same certificate chain.

The first digital certificate in the certificate authority file is the first digital certificate in the WebLogic Server's certificate chain.The next certificates in the file are the next digital certificates in the certificate chain. The last certificate in the file is aself-signed digital certificate that ends the certificate chain. A DER (.der) format file contains bin ary data. WebLogic Server requires that the file extension match the contents of the certificate file.

Note:If you are creating a file with the digital certificates of multiple certificate authorities or a file that contains a certificate chain,you must use PEM format. WebLogic Server provides a tool forconverting DER format files to PEM format, and visa versa.

  • Email, SSL
  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

PositiveSSL Certificate Installation: Apache & mod_ssl / OpenSSL

Installing your Certificate on Apache Mod_SSL / OpenSSLStep one: Copy your certificate to a...

PositiveSSL Certificate Installation: Apple Mac OS X Server

1. Log into your server as root.2. If it doesn't already exist on your server, create a folder...

PositiveSSL Certificate Installation: C2Net Stronghold

Installing a Certificate on a Stronghold Server Note:There are three certificates that need to...

PositiveSSL Certificate Installation: Cobalt RaQ 4 / 550 / XTR

Installing your Certificate on aCobalt RaQ4/XTR Installing the site certificate Goto the...

PositiveSSL Certificate Installation: Ensim

Installing your Certificate on Apache via Ensim Web appliance 3.1.xStep one: Loading the Site...