Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Instructions on configuring weblogic KeyStore information, SSL, enabling HTTPS and disabling HTTP

2025-01-25 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Last time with the headquarters security inspection, collated the configuration weblogic key library information, SSL, enable HTTPS, disable HTTP configuration documents.

Example host 192.168.18.166

Go to the bin file of the jdk installation directory, and generate the key pair (identify the key library) through the keytool tool.

166Host jdk installation directory: / opt/java6

Hostname (IP): 192.168.18.166

Enter the bin directory of jdk

Keytool-genkey-v-alias H3-keyalg RSA-keysize 512-keypass h3passwd-dname "CN=192.168.18.166, OU=NONE, O=NONE, L=BEIJING, ST=BEIJING, C=CN"-validity 365-keystore / webapp/newweb/domains/weblogic_identity.jks-storepass h3passwd

Generating 512-bit RSA key pairs and self-signed certificates (SHA1withRSA) (valid for 365 days) for the following objects:

CN=192.168.18.166, OU=NONE, O=NONE, L=BEIJING, ST=BEIJING, C=CN

[storing / webapp/newweb/domains/weblogic_identity.jks]

Enter the command to generate the key

Keytool-certreq-v-alias H3-file / webapp/newweb/domains/cert_request.pem-keypass h3passwd-storepass h3passwd-keystore / webapp/newweb/domains/weblogic_identity.jks

Certification requirements saved in the file

Submit this to your CA

3. After entering, two files are generated under / webapp/newweb/domains/, and the generated weblogic_identity.jks and cert_request.pem files are copied to the / webapp/newweb/domains/unibss/ folder.

Cp weblogic_identity.jks / webapp/newweb/domains/unibss/

Cp cert_request.pem / webapp/newweb/domains/unibss/

Start weblogic, enter the management console, and configure the key store information (Home > Summary of Servers > AdminServer > Configuration > Keystores)

Http://192.168.18.166:7501/console

Click Lock & Edit

1. Key library: select Custom Identity and Custom Trust

2. Custom identification key library: / webapp/newweb/domains/unibss/weblogic_identity.jks

3. Custom identity KeyStore type: jks

4. Custom identity KeyStore passphrase: h3passwd

5. Confirm the custom identity KeyStore passphrase: h3passwd

6. Customize the trust KeyStore: / webapp/newweb/domains/unibss/weblogic_identity.jks

7. Custom trust KeyStore type: jks

8. Customize the trust KeyStore passphrase: h3passwd

9. Confirm the custom trust KeyStore passphrase: h3passwd

5. Configure SSL information (Home > Summary of Servers > AdminServer > Configuration > SSL)

Private key alias: H3

Private key passphrase: h3passwd

Confirm the private key passphrase: h3passwd

6. Start SSL listening (Home > Summary of Servers > AdminServer > Configuration > General)

VII. Disable HTTP

Add to web.xml

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 261

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report