Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

enabling SSL on weblogic

Tags:

ssl

weblogic

Is this enough to enable SSL on weblogic server?

Open console > Environment > Servers > open a managed server where your application is deployed > check 'SSL Listen Port Enabled' checkbox.

Once I did that, I could open my application on HTTPS using HTTPS port.

Why I am asking this question because on this page: http://docs.oracle.com/cd/E13222_01/wls/docs81/secmanage/ssl.html

In section - Configuring SSL, they're not suggesting this simple step.

I understand that by enabling SSL using the way I did, I am using weblogic's default certificate, but for testing I don't mind that.

Please confirm.

Thanks.

like image 327
keeping_it_simple Avatar asked Aug 02 '13 15:08

keeping_it_simple

People also ask

How do I know if SSL is enabled in WebLogic?

Open console > Environment > Servers > open a managed server where your application is deployed > check 'SSL Listen Port Enabled' checkbox.

How does SSL work in WebLogic?

It is a security protocol to enable Web sites to pass sensitive information securely in an encrypted format. It is based on the RSA Data Security's public-key cryptography. SSL provides transport level security by usage SSL certificates which are provided by standard Certificate Authorities like such as VeriSign.

Which WebLogic resources can enable SSL communication?

As of WebLogic Server version 12.1. 1, JSSE is the only SSL implementation that is supported.

2 Answers

The short answer is yes. As you've said, you certainly don't want to use the demo certificate in production.

The reason why that simple step isn't mentioned is that it's covered in the "Configure Listen Ports" page. Turning on the SSL listen port is comparable to adding "Listen 443" in an apache config. It means you can communicate over SSL, but doesn't force it or stop listening for HTTP.

One other thing - the Weblogic version in the documentation you posted was 8.1. I'm not sure if you intended it to be such an old version, so here's the same page for 11g: http://docs.oracle.com/cd/E23943_01/web.1111/e13707/ssl.htm

like image 142
Mike Avatar answered Sep 21 '22 19:09

Mike

Yes...you can enable SSL in that way...If you do like that it will load demo trustedstore and keystore and validates whenever client hits the url via ssl then these demo certs will be validated....

It's good practice to have a customized certs for your applications...

like image 39
Tatarao Vana Avatar answered Sep 19 '22 19:09

Tatarao Vana
Sign in to Comment

Related questions

Sign in with Facebook oauth, without full facebook.com access
WebView with SSL Client Certificate on Android 4 ICS
Non-blocking SSL server using Thrift
Java Mail over TLS
Node HTTPS request SELF_SIGNED_CERT_IN_CHAIN
Python using system SSL certificates?
Is it necessary to verify checksum when data is sent over https
SSL Error at Composer Install
Bad Gateway Error using Socket.io Node.js over SSL
NodeJS https server returning ERR_SSL_PROTOCOL_ERROR using express
Configuring Jetty with SSL/TLS and Keystore
Unsuccessful in using Automated Certificate Management for domains hosted on Google Domains
R RPostgreSQL Connect to Remote Postgres Database with SSL
Start docker with flask application using ssl [duplicate]
Client connecting to an SSL server with Self-Signed Certificates
Detecting browser's SNI support
SSL/TLS without certificates
Using LWP with SSL and client certificates
Intermittent "sslv3 alert handshake failure" under Python
Handshake alert: unrecognized_name error

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!