After you obtain the SSL certificate, you must deploy the certificate to the Content Platform Engine server.
About this task
The keystore that you created in the
WL_HOME/user_projects/domains/domain_name
directory is the identity keystore for WebLogic. You can use the Java standard truststore in
the
JAVA_HOME/jre/lib/security/cacerts directory as
the truststore for WebLogic.
Procedure
To deploy the certificate:
- Log in to the WebLogic administration console.
- Navigate to .
- Click the Configuration tab.
- Click the General tab.
- Select the SSL Listen Port Enabled checkbox.
- Enter a value for SSL Listen Port. The default port number is 7002.
- Click Save.
- Click the Keystores tab.
- Click Change.
- Select the Custom Identity and Java Standard Trust option, and
click Save.
- In the Identity section, enter values for the following fields:
Field |
Example value |
Custom Identity Keystore: |
C:\bea\user_projects\domains\mydomain\server.keystore |
Keystore Type |
JKS |
Keystore Passphrase |
changeit |
- Click Save.
- Make a note of the value for the Java Standard Trust Keystore
field. For example, the keystore value is
C:\bea\jdk160_21\jre\lib\security\cacerts.
- Click the SSL tab.
- In the Private Key Alias field, enter the alias of the identity
certificate that you added to your keystore, such as cpe-alias.
- In the Private Key Passphrase field, enter the value for this
identity certificate, such as YourKeyPassword.
- Click Save.
- From the command line, change to the directory that contains the certificate that you
exported from your identity keystore. For example, change to the
C:\bea\user_projects\domains\mydomain directory that contains the
server.crt certificate file.
- Import this certificate into the Java standard trust location you noted above by using
the following command:
keytool -import -alias cpe-alias -file server.crt
-keystore C:\bea\jdk160_21\jre\lib\security\cacerts -storepass password
Important: The default password for the Java standard truststore is changeit.
Change the password in a production environment.
- Edit the WebLogic startup script to add the following JVM argument to the Java command
line:
-DUseSunHttpHandler=true
- Restart the WebLogic server.