Databases Reference
In-Depth Information
11. Repeat the preceding steps for the
PROD_Server01
,
PROD_Server02
,
PROD_Server03
, and
PROD_Server04
instances, using
9001
,
9002
,
9003
,
and
9004
in the SSL Listen Port text fields, respectively.
12. Click on the Activate Changes button.
13. Restart the Administration Server and the Managed Servers.
How it works...
Two new custom keystores were created. The identity keystore,
PRODIdentity.jks
,
was created to store the certificate and its private key. The trust keystore,
PRODTrust.jks
,
was created to store the root CA certificate.
This recipe used the
CertGen
Java utility to sign the certificate using
the WebLogic Demo CA, but in production, you should obtain the digital
certificate from a trusted Certificate Authority such as Symantec, Comodo,
GoDaddy, and GlobalSign.
All WebLogic Server instances were configured to use the custom identity and trust keystores
and stop using the default
DemoIdentity.jks
and
DemoTrust.jks
keystores. The Node
Manager was also configured to use the custom keystores and the new certificate.
The SSL protocol was then enabled in the
PROD_AdminServer
and
PROD_Server01
,
PROD_Server02
,
PROD_Server03
, and
PROD_Server04
Managed Servers.
This recipe used only one certificate for the WebLogic server instances and the Node
Managers. The certificate was signed with
CN=*.domain.local
, meaning it should be valid
to any host with the
domain.local
address. This is possible by enabling the
weblogic.
security.utils.SSLWLSWildcardHostnameVerifier
class of the
Custom
HostName Verification
namespace.
See also
F
Enabling the Administration Port
Creating a new SQL authentication provider
New domains in WebLogic Server 12
c
are created with the default authentication provider
called
DefaultAuthenticator
.
DefaultAuthenticator
authenticates the users and
groups stored in the internal LDAP mechanism on the WebLogic Server. The internal LDAP
runs embedded with the WebLogic Server Instance. The Administration Server runs the
master LDAP and the Managed Servers run the LDAP as replicas.
Search WWH ::
Custom Search