Friday, October 14, 2016

Create keystores for Weblogic 12C


To create keys issue the following commands:

keytool -genkey -keyalg RSA -alias aliasdemo -keystore alias_identity.jks -dname "CN=CEN-BI-DS-ODI01, OU=alias_demo, O=alias_demo, L=Mexico, ST=Mexico, C=MX" -storepass passW0rd -validity 3600 -keysize 2048 -keypass passW0rd
keytool -selfcert -v -alias alias_demo -keypass passW0rd -keystore alias_demo_identity.jks -storepass passW0rd -storetype jks -validity 3600
keytool -export -v -alias alias_demo -file "alias_demo.gob.mx-rootCA.der" -keystore alias_demo_identity.jks -storepass passW0rd
keytool -import -v -trustcacerts -alias alias_demo -file "alias_demo.gob.mx-rootCA.der" -keystore alias_demo_trust.jks -storepass passW0rd

Steps to deploy them in weblogic server
  • Identity Keystore: "/opt/oracle/keystore/alias_identity.jks"
  • Trust Keystore: "/opt/oracle/keystore/alias_trust.jks"
  • Alias: cenace
  • Store Password: passW0rd
  • Key Password: passW0rd
  • Valid for: 3600 Days (Approx 10 Years)
  • In the WebLogic Server Administration Console, click on "Servers" in the "Domain Structure" tree.
  • Click on the managed server you wish to configure.
  • Click on the "Configuration > Keystores" tab and sub-tab.
  • If you are running on production mode, click the "Lock & Edit" Button.
  • Click the "Change" button next to the "Keystores" setting.
  • Select the "Custom Identity and Custom Trust" option and click the "Save" button.
  • Enter the identity details. For example.

    • Custom Identity Keystore: /home/oracle/keystore/alias_identity.jks
    • Custom Identity Keystore Type: JKS
    • Custom Identity Keystore Passphrase: passW0rd
    • Confirm Custom Identity Keystore Passphrase: passW0rd
  • Enter the trust information. For example.

    • Custom Identity Keystore: /home/oracle/keystore/alias_trust.jks
    • Custom Identity Keystore Type: JKS
    • Custom Identity Keystore Passphrase: passW0rd
    • Confirm Custom Identity Keystore Passphrase: passW0rd
  • Click the "Save" button.
  • Click the "SSL" tab.
  • Enter the identity details. For example.

    • Private Key Alias: aliasdemo
    • Private Key Passphrase: passW0rd
    • Confirm Private Key Passphrase: passW0rd
  • Click the "Save" button.
  • If you are running in production mode, click the "Activate Changes" button.
=)
Publicadas por a la/s No comments:
Etiquetas: , ,
Subscribe to: Posts (Atom)