Databases Reference
In-Depth Information
Re-enter new keystore password: <Re-type the new password>
3. In previous steps, the WebLogic Demo CA (
CertGenCA.der
) was used to sign the
certificate, so it will be imported to the trust keystore. In production, import the CA
certificate from your trusted CA vendor.
[wls@prod01]$ keytool -import -v -trustcacerts -alias rootCA
-file /oracle/Middleware/wlserver_12.1/server/lib/CertGenCA.der
-keystore PRODTrust.jks
Distribute the
keystore
folder to all machines on the
PROD_DOMAIN
domain:
1. Copy the
keystore
folder to the
prod02
machine:
[wls@prod01]$ scp -r /oracle/Middleware/user_projects/domains/
PROD_DOMAIN/keystores prod02:/oracle/Middleware/user_projects/
domains/PROD_DOMAIN/
Change the Node Manager in the
prod01
and
prod02
machines to use the custom keystores
and the new certificate:
1. Edit the
nodemanager.properties
file:
[wls@prod01]$ vi $WL_HOME/common/nodemanager/nodemanager.
properties
2. Add the following lines to the file:
KeyStores=CustomIdentityAndCustomTrust
CustomIdentityKeyStoreFileName=/oracle/Middleware/user_projects/
domains/PROD_DOMAIN/keystores/PRODIdentity.jks
CustomIdentityKeyStorePassPhrase=password
CustomIdentityAlias=prodcert
CustomIdentityPrivateKeyPassPhrase=password
3. Enter
:ws!
to save and exit.
4. Repeat the
nodemanager.properties
configurations for the
prod02
machine.
5. Restart the Node Manager.
Assign WebLogic Server instances to use the custom keystores and the certificate:
1. Access the Administration Console by pointing your web browser to
http://adminhost.domain.local:7001/console
.
2. Click on the [+] Environment sign from the navigation box to the left and then click
on the Servers link.
3. Click on the PROD_AdminServer link.
Search WWH ::
Custom Search