enabling SSL on weblogic

Question

Is this enough to enable SSL on weblogic server?

Open console > Environment > Servers > open a managed server where your application is deployed > check 'SSL Listen Port Enabled' checkbox.

Once I did that, I could open my application on HTTPS using HTTPS port.

Why I am asking this question because on this page: http://docs.oracle.com/cd/E13222_01/wls/docs81/secmanage/ssl.html

In section - Configuring SSL, they're not suggesting this simple step.

I understand that by enabling SSL using the way I did, I am using weblogic's default certificate, but for testing I don't mind that.

Please confirm.

Thanks.

Answer 1

The short answer is yes. As you've said, you certainly don't want to use the demo certificate in production.

The reason why that simple step isn't mentioned is that it's covered in the "Configure Listen Ports" page. Turning on the SSL listen port is comparable to adding "Listen 443" in an apache config. It means you can communicate over SSL, but doesn't force it or stop listening for HTTP.

One other thing - the Weblogic version in the documentation you posted was 8.1. I'm not sure if you intended it to be such an old version, so here's the same page for 11g: http://docs.oracle.com/cd/E23943_01/web.1111/e13707/ssl.htm

Answer 2

Yes...you can enable SSL in that way...If you do like that it will load demo trustedstore and keystore and validates whenever client hits the url via ssl then these demo certs will be validated....

It's good practice to have a customized certs for your applications...