Apache 2.2 21 forward Proxy 2 way SSL for weblogic server as a client

Hi All,
Currently, i am trying to implement a forward SSL proxy. The client will hit my apache server which in return will hit a IIS Server.
scenarios 1
client(weblogic)--*2 way SSL*Apache(forward proxy)*2 way SSL*-- IIS
If i were to implement 1 way ssl, i am able to see the content of the website.
client(weblogic) --- Apache(forward proxy) --- IIS
If i were to launch the web browser from the client machine (with the client certificate imported in the browser), i am able to view the content in the IIS. But if i were to simulate the connection from weblogic server, it just give me end of file exception (response contain no data) on the logs.
Below is my configuration
Listen 8080
<VirtualHost default:8080>
ServerName serverA
ErrorLog "logs/ssl_error_log"
CustomLog "logs/ssl_access_log" common
SSLProxyEngine On
SSLProxyMachineCertificateFile /certificate/servercert.cer
SSLProxyCACertificateFile /certificate/rootCA.cer
SSLProxyVerify require
SSLProxyVerifyDepth 10
ProxyRequests On
ProxyVia On
AllowConnect 12345
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
</VirtualHost>
For 2 way SSL, will the client forward their client certificate to my apache proxy server and apache will on the client behalf forward the client certificate to the IIS server for authenication?
Or the SSL authenication still happen between the client (weblogic) and the end server (IIS) bypassing the proxy server.
Please help.

It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

Similar Messages

OSB: Implementing 2 way ssl for a particular proxy

Hi All,
We have a requirement to implement 2 way ssl support for one of our OSB proxy and 1 way ssl support for all other proxies in our project.
we have enabled HTTS on OSB and configured 2-way ssl on weblogic server. It is working fine.
But the 2 way ssl configuration on weblogic server impacts all other proxy services deployed on that node. Because of weblogic configuration "Two Way Client Cert Behavior: Client Certs Requested and Enforced", the server expects all request to present the client certificate..
But our requirement is, Only 1 proxy service should enforce 2-way ssl, all other proxies should only support 1 -way ssl(server authentication).
Is there any way to implement our requirement?.
we want to configure weblogic with "Two Way Client Cert Behavior: Client Certs Requested but not and Enforced OR Client Certs NOT Requested" and then in the proxy service we want to enforce client certificate..
Is it possible to implement? If so can anyone help to explain the steps?
Thanks in advance
Edited by: user13109986 on Oct 24, 2012 9:30 AM

It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

I am having trouble Trouble implementing one-way SSL on WebLogic 9.2...

I am having trouble Trouble implementing one-way SSL on WebLogic 9.2. I am using Demo Identity and Demo Trust certificates with a SSL Listen Port Enabled on 7002, and a Two Way Client Cert Behavior of Client Certs Not Requested. I assume that by using Client Certs Not Requested that there is no need to install certificates on user's computers.
When weblogic is restarted, I get the following log telling me it works...
<Sep 11, 2012 9:35:16 AM PDT> <Notice> <Security> <BEA-090171> <Loading the identity certificate and private key stored under the alias DemoIdentity from the jks keystore file E:\bea\WEBLOG~1\server\lib\DemoIdentity.jks.>
<Sep 11, 2012 9:35:17 AM PDT> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file E:\bea\WEBLOG~1\server\lib\DemoTrust.jks.>
<Sep 11, 2012 9:35:17 AM PDT> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file e:\bea\jdk150_12\jre\lib\security\cacerts.>
<Sep 11, 2012 9:35:17 AM PDT> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 10.9.20.172:7000 for protocols iiop, t3, ldap, http.>
<Sep 11, 2012 9:35:17 AM PDT> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure" is now listening on 10.9.20.172:7002 for protocols iiops, t3s, ldaps, https.>
However, when I open the console in https://server:7002/console, I get the following error in log file...
<Sep 11, 2012 9:43:45 AM PDT> <Warning> <Security> <BEA-090481> <NO_CERTIFICATE alert was received from x.y.z.com - 10.37.10.54. Verify the SSL configuration has a proper SSL certificate chain and private key specified.>
<Sep 11, 2012 9:43:45 AM PDT> <Warning> <Security> <BEA-090508> <Certificate chain received from x.y.z.com - 10.37.10.54 was incomplete.>
I do not understand why I am getting this error when I assume there is no need to install certificates on user's computers. Can't someone please explain what is going on? Thanks in advance.

<?xml version='1.0' encoding='UTF-8'?>
<domain xmlns="http://www.bea.com/ns/weblogic/920/domain" xmlns:sec="http://www.bea.com/ns/weblogic/90/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90/security/wls" xsi:schemaLocation="http://www.bea.com/ns/weblogic/90/security/extension http://www.bea.com/ns/weblogic/90/security.xsd http://www.bea.com/ns/weblogic/90/security/xacml http://www.bea.com/ns/weblogic/90/security/xacml.xsd http://www.bea.com/ns/weblogic/90/security http://www.bea.com/ns/weblogic/90/security.xsd http://www.bea.com/ns/weblogic/920/domain http://www.bea.com/ns/weblogic/920/domain.xsd http://www.bea.com/ns/weblogic/90/security/wls http://www.bea.com/ns/weblogic/90/security/wls.xsd">
<name>nctcis</name>
<domain-version>9.2.3.0</domain-version>
<security-configuration>
<name>nctcis</name>
<realm>
<sec:authentication-provider xsi:type="wls:default-authenticatorType">
<sec:name>DefaultAuthenticator</sec:name>
<sec:control-flag>SUFFICIENT</sec:control-flag>
</sec:authentication-provider>
<sec:authentication-provider xsi:type="wls:default-identity-asserterType">
<sec:name>DefaultIdentityAsserter</sec:name>
<sec:active-type>AuthenticatedUser</sec:active-type>
</sec:authentication-provider>
<sec:role-mapper xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
<sec:authorizer xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
<sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
<sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
<sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
<sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
<sec:name>myrealm</sec:name>
</realm>
<default-realm>myrealm</default-realm>
<anonymous-admin-lookup-enabled>true</anonymous-admin-lookup-enabled>
<credential-encrypted>{3DES}PyUkjWRp8JGpk75BYSbvQ6OWYgA9SZq2nj2IuENa2vxrMy835GMRZ+GGKhJiWapjt0mMC2ohcxxlIMNUZJUH2gCjbB5kQUmA</credential-encrypted>
<node-manager-username>system</node-manager-username>
<node-manager-password-encrypted>{3DES}KmaZDZGQC6spYVY12CbJGA==</node-manager-password-encrypted>
</security-configuration>
<jta>
<timeout-seconds>1800</timeout-seconds>
<abandon-timeout-seconds>3600</abandon-timeout-seconds>
<max-transactions>100000</max-transactions>
<max-resource-unavailable-millis>100000</max-resource-unavailable-millis>
</jta>
<log>
<name>nctcis</name>
<file-name>e:/netcracker/logs/wl-domain.log</file-name>
<file-min-size>5120</file-min-size>
</log>
<server>
<name>nctcisAdmin</name>
<ssl>
<enabled>true</enabled>
<hostname-verifier xsi:nil="true"></hostname-verifier>
<hostname-verification-ignored>false</hostname-verification-ignored>
<client-certificate-enforced>true</client-certificate-enforced>
<two-way-ssl-enabled>false</two-way-ssl-enabled>
<server-private-key-alias>tcisdevbpagov_cert</server-private-key-alias>
<server-private-key-pass-phrase-encrypted>{3DES}T21dXO5l79SRI+xSmGOE+A==</server-private-key-pass-phrase-encrypted>
<use-server-certs>false</use-server-certs>
</ssl>
<log>
<name>nctcisAdmin</name>
<file-name>e:/netcracker/logs/weblogic.log</file-name>
<file-min-size>5120</file-min-size>
</log>
<listen-port>7000</listen-port>
<web-server>
<name>nctcisAdmin</name>
<web-server-log>
<name>nctcisAdmin</name>
<file-name>e:/netcracker/logs/access.log</file-name>
<file-min-size>5120</file-min-size>
</web-server-log>
</web-server>
<listen-address>tcis.dev.bpa.gov</listen-address>
<key-stores>DemoIdentityAndDemoTrust</key-stores>
<custom-identity-key-store-file-name>E:\bea\jdk150_12\bin\tcisdevbpagov_identity.jks</custom-identity-key-store-file-name>
<custom-identity-key-store-type>JKS</custom-identity-key-store-type>
<custom-identity-key-store-pass-phrase-encrypted>{3DES}T21dXO5l79SRI+xSmGOE+A==</custom-identity-key-store-pass-phrase-encrypted>
<custom-trust-key-store-file-name>E:\bea\jdk150_12\bin\tcisdevbpagov_trust.jks</custom-trust-key-store-file-name>
<custom-trust-key-store-type>JKS</custom-trust-key-store-type>
<custom-trust-key-store-pass-phrase-encrypted>{3DES}I++r0/FEMRGFrqF47pYZJA==</custom-trust-key-store-pass-phrase-encrypted>
</server>
<embedded-ldap>
<name>nctcis</name>
<credential-encrypted>{3DES}i51JYfmoGyFTxPjiCjjtXWwza1t13k56Ls7fmdqtKB0=</credential-encrypted>
</embedded-ldap>
<configuration-version>9.2.3.0</configuration-version>
<app-deployment>
<name>NetCracker</name>
<target>nctcisAdmin</target>
<module-type>ear</module-type>
<source-path>applications\NetCracker</source-path>
<security-dd-model>DDOnly</security-dd-model>
<staging-mode>nostage</staging-mode>
</app-deployment>
<app-deployment>
<name>pictures</name>
<target>nctcisAdmin</target>
<module-type>war</module-type>
<source-path>e:\pictures</source-path>
<security-dd-model>DDOnly</security-dd-model>
<staging-mode>nostage</staging-mode>
</app-deployment>
<jms-server>
<name>NCJMSServer</name>
<target>nctcisAdmin</target>
<temporary-template-resource>NCJMSModule</temporary-template-resource>
<temporary-template-name>NetCrackerTemplate</temporary-template-name>
<message-buffer-size>100000</message-buffer-size>
</jms-server>
<self-tuning>
<max-threads-constraint>
<name>MaxThreadsConstraint</name>
<target>nctcisAdmin</target>
<count>40</count>
</max-threads-constraint>
<work-manager>
<name>default</name>
<target>nctcisAdmin</target>
<max-threads-constraint>MaxThreadsConstraint</max-threads-constraint>
<work-manager-shutdown-trigger>
<stuck-thread-count>1000</stuck-thread-count>
</work-manager-shutdown-trigger>
</work-manager>
</self-tuning>
<jms-system-resource>
<name>NCJMSModule</name>
<target>nctcisAdmin</target>
<sub-deployment>
<name>BEA_JMS_MODULE_SUBDEPLOYMENT_NCJMSServer</name>
<target>NCJMSServer</target>
</sub-deployment>
<descriptor-file-name>jms/ncjmsmodule-jms.xml</descriptor-file-name>
</jms-system-resource>
<admin-server-name>nctcisAdmin</admin-server-name>
<jdbc-system-resource>
<name>NetCrackerDataSource</name>
<target>nctcisAdmin</target>
<descriptor-file-name>jdbc/NetCrackerDataSource-5713-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
<jdbc-system-resource>
<name>NetCrackerDataSourceNonTX</name>
<target>nctcisAdmin</target>
<descriptor-file-name>jdbc/NetCrackerDataSourceNonTX-6926-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
</domain>
Edited by: user6904153 on Sep 12, 2012 6:57 AM

2-Way SSL for a single web app

Hi all,
I have got 2-way SSL working on my WLS 8.1.4.
However we have an existing app that uses 1-way SSL already running on the same WLS.
Is it possible to allow 1-way SSL for the existing app and only use 2-way on my new app?
Looking at the console enforcing client certificates seems to be a server wide setting. I was hoping that maybe I would be able to restrict it in the web.xml file.
Any advice would be appreciated.
Thanks
Alan

It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

Configuring SSL for SOA Server

Hi All,
I wrkin on SOA suite 11g. I am tryin to implement transport level security. Firstly 1-way authentication and than 2-way mutual authentication. For that I need to enable the SSL for SOA server which is managed by the WLS admin server. As per my knowledge the WLS comes with demoidentity and demotrust keystores. If I need to configure the SSL for SOA server do i need to create new keystores and CA,s or I can use the demo keystores.
Now, in case i need to create new keystores than can i do the same using keytool utility. Additionally, is it possible to make CA using keytool utility? If yes, kindly provide me some links about how to do the same.
Thanks in advance.

Hi Shomit,
If I need to configure the SSL for SOA server do i need to create new keystores and CA,s or I can use the demo keystores.You can use the Demo keystores for dev purpose but it is NOT recommended to use demo keystores for production use.
in case i need to create new keystores than can i do the same using keytool utilityYes, you can do it using Keytool utility.
is it possible to make CA using keytool utility?Actually you can generate a self-signed cert and use that as a CA for signing CSR's.
kindly provide me some links about how to do the sameYou should get everything here -
http://download.oracle.com/docs/cd/E14571_01/web.1111/e13707/ssl.htm#i1200848
Regards,
Anuj

Need info to configure SSL for Portal Server in EP6SP2

Hello,
We need to configure SSL for Portal Server. We are using J2EE 6.20 Patch 25 and EP6SP2P4. The ITS is already using https and it creats lots of Session issues since Portal is not in https.
Is there any OSS Note or How to guide to configure Portal to use SSL.
Thanks.
- PK

Hi Marcel,
Thanx for your Post, I have a Question, we will use CISCO for load balancing and SSL termination but I have a big issue, the URL in the portal applciation is always the same ant the URL in the borwser, I guess al the other URL´s are in the Frames, how will we configure the SSL termination for the login page in example if the URL in the Browser appears always the same?
Thanx in Advanced!!!

Enabling ssl on Weblogic server 5.1 using Verisign certificate.

"Hi,I am trying to enable ssl in Weblogic server 5.1The properties set in my properties file areweblogic.security.certificate.server=servercert.pem(sent from the verisign via email)weblogic.security.key.server=cp8212-2d2-key.der(generated by the Certificate Servlet of Weblogic Server)

"Hi,I am trying to enable ssl in Weblogic server 5.1The properties set in my properties file areweblogic.security.certificate.server=servercert.pem(sent from the verisign via email)weblogic.security.key.server=cp8212-2d2-key.der(generated by the Certificate Servlet of Weblogic Server)

Is there any way to start weblogic server with java 7?

Hi. Is there any way to start weblogic server with jdk 1.7?

Hi,
You can start your Weblogic Server with java 7(JDK 1.7)
Go to Domain_home/bin and click on StartWeblogic.cmd it will start your Admin Server
It depends on which JDK you have used while creating domain if you have selected Jdk 1.7 it will use the same to start the server
See the Ex:
================
starting weblogic with Java version:
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)
Starting WLS with line:
C:\PROGRA~1\Java\JDK17~1.0_5\bin\java -client -Xms256m -Xmx512m -XX:CompileThr
eshold=8000 -XX:PermSize=48m -XX:MaxPermSize=128m -Dweblogic.Name=AdminServer -
Djava.security.policy=H:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\weblogic.policy
-Xverify:none -Xverify:none -da -Dplatform.home=H:\Oracle\MIDDLE~1\WLSERV~1.3 -
Dwls.home=H:\Oracle\MIDDLE~1\WLSERV~1.3\server -Dweblogic.home=H:\Oracle\MIDDLE~
1\WLSERV~1.3\server -Dweblogic.management.discover=true -Dwlw.iterativeDev= -
Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=H:\Oracle\MIDDLE
~1\patch_wls1036\profiles\default\sysext_manifest_classpath weblogic.Server
<Mar 3, 2015 1:08:32 PM PST> <Info> <Security> <BEA-090905> <Disabling CryptoJ J
CE Provider self-integrity check for better startup performance. To enable this
check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
<Mar 3, 2015 1:08:33 PM PST> <Info> <Security> <BEA-090906> <Changing the defaul
t Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable
this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
<Mar 3, 2015 1:08:33 PM PST> <Info> <WebLogicServer> <BEA-000377> <Starting WebL
ogic Server with Java HotSpot(TM) 64-Bit Server VM Version 24.51-b03 from Oracle
Corporation>
=======================================
If you are using a Lower version of JDK and want to upgrade to JKD 1.7 you can do so by changing setDomainEnv.sh in Weblogic
Have a look at the below link to do so
The Weblogic Wasp: change java version / JDK of a weblogic domain
http://www.baigzeeshan.com/2012/05/how-to-change-jdk-used-by-weblogic.html
Hope it helps

2-way SSL and access control using the client certificate

Hi,
I'd like to configure WLS 8.1 so that the server will use the client identity extracted from the client certificate to determine whether permissions should be granted. I am having some problems.
Details: The client can be either a Web service or a web application. The steps for authentication and authorization should be:
- The client sends a request to an Apache server (DMZ) which will then be forwarded to WLS.
- The client's identity, common name from the X.509 certificate, is mapped to the "username" (using WLS default identity assertion provider).
- Validate whether the client should be trusted (via the list in the trusted credentials)
- Check whether the resource should be granted based on the "username".
The on-line manual says
"If the Web browser or Java client requests a WebLogic Server resource protected by a security policy, WebLogic Server requires that the Web browser or Java client have an identity."
"The user corresponding to the Subject's Distinguished Name (SubjectDN) attribute in the client's digital certificate must be defined in the server's security realm; otherwise the client will not be allowed to access a protected WebLogic resource. For information on configuring users on the server, see Creating Users in Managing WebLogic Security."
So the questions I have are:
- If the client identity is certificate based, why should we configure users with the "user name" and "password"? How can we get around it?
- Once I defined the security condition for my app to use "user name of the caller," a default username and password prompt automatically popped up.
Apparently, the SSL mutual authentication configuration and the default authentication provider to use the X.509 type didn't take any effect.
- Without defining the security policy for the application, the debugging messages show that
getRoles(): input arguments: subject:0
Entitlement - <Role:Annonymous with expr:Grp(everyone)>
Any suggestions? Thanks.

Hi,
I am trying to use 2 way ssl using webservices client , here is my code :
AxisProperties.setProperty("org.apache.axis.components.net.SecureSocketFactory","org.apache.axis.components.net.SunFakeTrustSocketFactory");
SSLAdapterFactory factory = SSLAdapterFactory.getDefaultFactory();
WLSSLAdapter adapter = (WLSSLAdapter) factory.getSSLAdapter();
// clientCredentialFile stores in PEM format the public key and
// all the CAs associated with it + then the private key. All this in // a concatenated manner
FileInputStream clientCredentialFile = new FileInputStream ("C:\\sslcert\\client-pub3.pem");
// private key password
String pwd = "password";
adapter.loadLocalIdentity(clientCredentialFile, pwd.toCharArray());
adapter.setVerbose(true);
adapter.setTrustedCertificatesFile("C:\\certificate\\server\\server.jks");
adapter.setStrictCheckingDefault(false);
factory.setDefaultAdapter(adapter);
factory.setUseDefaultAdapter(true);
boolean idAvailability = false;
UNSLocator locator = new UNSLocator();
URL portAddress = new URL("https://localhost:7002/smuSSWeb/UNSResponse.xml");
UNSPort unsprt = locator.getUNSPort(portAddress);
idAvailability = unsprt.isIDAvailable("Yulin125", "C");
System.out.println("Got from method :"+idAvailability);
After runing this code i am getting the following exception :
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: Software caused connection abort: socket write error
faultActor:
faultNode:
faultDetail:
I am using .pem (clientsigned,clientinter,clientroot, root-key) files for client authentication and i am using server.jks as a keystore for my server authentication.Once i run this code , i am able to present the server certificate chain to the client but i am not able to present the client certificate chain to server.
I am stuck with for quite sometime.
Some insight needed from the guru's

Problem with 2 way SSL for JMS

Finally, there is some progress on my JMS over SSL (2 way with JNDI). I am able to send/receive JMS messages but there is an exception in Weblogic server log (see attached). Let me summarise all the steps involved:
(I have referred this doc http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security6.html as I found this more convenient)
1. Generate the server private key/public certificate pair:
C:\softwares\bea\satishb\ssl\3>keytool -genkey -alias serveralias -keyalg RSA -keypass password -storepass password -keystore .\server\svrkeystore.jks
2. Export the generated server certificate in svrkeystore.jks into the file server.cer:
C:\softwares\bea\satishb\ssl\3>keytool -export -alias serveralias -storepass password -file .\server\server.cer -keystore .\server\svrkeystore.jks
3. To create the trust-store file cacerts.jks and add the server certificate to the trust-store:
C:\softwares\bea\satishb\ssl\3>keytool -import -v -trustcacerts -alias serveralias -file .\server\server.cer -keystore .\server\cacerts.jks -keypass password -storepass password
Now Client part:
1. Generate the client key/cert pair:
C:\softwares\bea\satishb\ssl\3>keytool -genkey -alias clientalias -keyalg RSA -keypass password -storepass password -keystore .\client\cltkeystore.jks
2. Export the generated client certificate into file client.cer:
C:\softwares\bea\satishb\ssl\3>keytool -export -alias clientalias -storepass password -file .\client\client.cer -keystore .\client\cltkeystore.jks
3. Add the certificate to the trust-store file cltcacerts.jks (this trust-store will be used by weblogic server for client authentication):
C:\softwares\bea\satishb\ssl\3>keytool -import -v -trustcacerts -alias clientalias -file .\client\client.cer -keystore .\client\cltcacerts.jks -keypass password -storepass password
- I deployed svrkeystore.jks to weblogic server as the custom identity and cltcacerts.jks as the trust store (so that client au takes place).
- I use server\cacerts.jks file at the client side to authenticate the server as the custom trust store.
-Both the JMS client and the weblogic server are using the same Java ie C:\softwares\bea\jdk150_04.
I am now able to send/receive the JMS messages but in the Weblogic server logs, I see these which seems to me that the proper SSL handshake has not taken place:
####<Mar 5, 2007 3:54:12 PM IST> <Info> <Server> <sburnwal-wxp> <AdminServer> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1173090252459> <BEA-002605> <Adding address: 192.168.4.223 to licensed client list>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252459> <000000> <isMuxerActivated: false>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <5978326 SSL Version 2 with no padding>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <24761471 SSL3/TLS MAC>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <24761471 received SSL_20_RECORD>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <HANDSHAKEMESSAGE: ClientHelloV2>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <........... Eating Exception ..........
java.security.NoSuchAlgorithmException
     at com.certicom.tls.ciphersuite.CipherSuiteSupport.getCipherSuite(Unknown Source)
     at com.certicom.tls.ciphersuite.CipherSuiteSupport.getCipherSuite(Unknown Source)
     at com.certicom.tls.record.handshake.MessageClientHelloVersion2.<init>(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeMessage.createVersion2(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleVersion2HandshakeMessages(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
     at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
     at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
     at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <........... Eating Exception ..........
java.security.NoSuchAlgorithmException
     at com.certicom.tls.ciphersuite.CipherSuiteSupport.getCipherSuite(Unknown Source)
     at com.certicom.tls.ciphersuite.CipherSuiteSupport.getCipherSuite(Unknown Source)
     at com.certicom.tls.record.handshake.MessageClientHelloVersion2.<init>(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeMessage.createVersion2(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleVersion2HandshakeMessages(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
     at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
     at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
     at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <write HANDSHAKE, offset = 0, length = 58>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <write HANDSHAKE, offset = 0, length = 602>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <write HANDSHAKE, offset = 0, length = 4>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252506> <000000> <isMuxerActivated: false>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252521> <000000> <24761471 SSL3/TLS MAC>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252521> <000000> <24761471 received HANDSHAKE>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252521> <000000> <HANDSHAKEMESSAGE: ClientKeyExchange RSA>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252521> <000000> <Using JCE Cipher: SunJCE version 1.5 for algorithm RSA>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Will use default Mac for algorithm HmacMD5>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacSHA1>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Will use default Mac for algorithm HmacSHA1>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <........... Eating Exception ..........
java.security.NoSuchAlgorithmException: Algorithm MD5 not available
     at javax.crypto.Mac.getInstance(DashoA12275)
     at com.certicom.tls.provider.Mac.getInstance(Unknown Source)
     at com.certicom.tls.ciphersuite.SecurityParameters.makeKeys(Unknown Source)
     at com.certicom.tls.ciphersuite.SecurityParameters.deriveKeys(Unknown Source)
     at com.certicom.tls.ciphersuite.SecurityParameters.<init>(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.generateSecurityParameters(Unknown Source)
     at com.certicom.tls.record.handshake.ServerStateSentHelloDone.handle(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
     at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
     at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
     at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Will use default Mac for algorithm MD5>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Using JCE Cipher: SunJCE version 1.5 for algorithm RC4>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Will use default Mac for algorithm HmacMD5>
####<Mar 5, 2007 3:54:12 PM IST> <Debug> <SecuritySSL> <sburnwal-wxp> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1173090252537> <000000> <Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacSHA1>
Pls let me know if there is anything I am missing here. Help is appreciated a lot.
Thanks
Satish

It is a domain wide setting. Can you not create a new domain? I do not think that you can handle it from web.xml. I have never seen such thing in web.xml.

ACE 4700 configuring SSL termination weblogic server 10.3.6

Hello,
Im trying to configure an ACE 4700 so that SSL termination is done on the ACE and HTTP reaches the weblogic server instance.
I have a working setup of a Apache reverse proxy doing SSL offloading and using a weblogic module and that works fine
Was reading http://docs.oracle.com/cd/E23943_01/web.1111/e13709/load_balancing.htm#i1045186
Can anyone point me to a working config example for doing this with the ACE4700 or give me some directions here?
Kind regards,
Laurens

Hi Laurens,
Here is a basic configuration for SSL termination:
rserver host test
ip address 10.198.16.98
inservice
rserver host test2
ip address 10.198.16.93
inservice
serverfarm host test
rserver test 80
    inservice
rserver test2 80
    inservice
ssl-proxy service TEST
key cert
cert cert
class-map match-all VIPSSL
2 match virtual-address 10.198.16.122 tcp eq https
policy-map type loadbalance first-match test
class class-default
    serverfarm test
policy-map multi-match clients
class VIPSSL
    loadbalance vip inservice
    loadbalance policy test
    loadbalance vip icmp-reply active
    nat dynamic 1 vlan 112
    ssl-proxy server TEST
interface vlan 112
ip address 10.198.16.91 255.255.255.192
access-group input Allow_Access
nat-pool 1 10.198.16.122 10.198.16.122 netmask 255.255.255.192 pat
service-policy input NSS_MGMT
service-policy input clients
no shutdown
Cesar R
ANS Team

Socks proxy call from a weblogic server across the firewall to an external program

Hi,
From our weblogic server, we are trying to connect to an external
program outside our firewall through SSL. The SSL connection is being
tunneled through a socks proxy in the DMZ. (We have not yet made it
work so far. Currently, we are trying to make it work)
From the weblogic bean, we are doing the following
System.setProperty("socksProxySet", "true");
System.setProperty("socksProxyHost", "w.x.y.z");
System.setProperty("socksProxyPort", "1080");
Not that weblogic bean is the initiator of the connection and it talks
to a program outside our firewall.
My question is, will this kind of system level setting in the weblogic
server have any negative impact? This is because, RMI is over sockets
and weblogic might be talking to its internal components through
sockets.
Is it advisable to have such socks related setting the weblogic bean
level?
thanks,
jas.

Hi,
From our weblogic server, we are trying to connect to an external
program outside our firewall through SSL. The SSL connection is being
tunneled through a socks proxy in the DMZ. (We have not yet made it
work so far. Currently, we are trying to make it work)
From the weblogic bean, we are doing the following
System.setProperty("socksProxySet", "true");
System.setProperty("socksProxyHost", "w.x.y.z");
System.setProperty("socksProxyPort", "1080");
Not that weblogic bean is the initiator of the connection and it talks
to a program outside our firewall.
My question is, will this kind of system level setting in the weblogic
server have any negative impact? This is because, RMI is over sockets
and weblogic might be talking to its internal components through
sockets.
Is it advisable to have such socks related setting the weblogic bean
level?
thanks,
jas.

Configure/installing apache web server (1.3.26) plug in for weblogic server 6.1

hi,
can any body know the exact steps to configure the apache web server which can proxy requests to weblogic server 6.1?
thanks in advance.

hi,
can any body know the exact steps to configure the apache web server which can proxy requests to weblogic server 6.1?
thanks in advance.

How write rmi-iiop over ssl with weblogic server 6.1 - No server found

//New
Hello,
I have written an appication like this:
- An EJB server running on Weblogic server 6.1
(named: BankServerHome)
-A java client calling the BankServer.
Platform: windows 2000 - jdk1.3
Now I want to secure the communication with SSL protocol.
I have done this:
-generate a key peer with weblogic service named certificate.
-send the CSR to a CA and place the answer into the weblogic
server certificate directory.
-update path for ServerCertificateChainFileName,
ServerCertificateFileName, ServerKeyFileName into config.xml.
-launch weblogicServer
     -> server certificate is recognized
     -> listening port 7001 and 7002.
(-stop weblogicServer!)
At now, all is all right, errors come hereafter:
Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
"To use RMI over IIOP over SSL with a Java client, do the following:
2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
connections. Be sure to specify the port on which WebLogic Server listens for
SSL connections. For an example of a class that extends the
java.rmi.server.RMISocketFactory class, see Listing 4-22.
3. Run the ejbc compiler with the -d option.
4. Add your extension of the java.rmi.server.RMISocketFactory class to the
CLASSPATH of the Java client.
5. Use the following command options when starting the Java client:
-xbootclasspath/a:%CLASSPATH%
-Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
-Dssl.certs=directory location of digital certificate for Java client
-Dssl.key=directory location of private key for Java client"
At step 3. I found into documentation that -d is linked to a directory name.
When I run ejbc with this option -d I have the message:
"ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
% So what option can I use to run ejbc for secure usage?
At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
this pointed class is not instanciated.
Then I can not create a socket with my client.
The folowing exception is raised:
javax.naming.CommunicationException [Root exception is java.net.ConnectException:
No server found at T3S://localhost:7002]
So, my questions are:
% Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
the server?
My java client part, managing connection is:
-------------------BEGIN OF CONNECTION MANAGER-------------------
Properties env = new Properties ();
// Shouldn't have to do this, but for now you must
if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
env.put ("java.naming.provider.url", "t3s://localhost:7002");
InitialContext context = new InitialContext (env);
BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
BankServer = bssh.create();
-------------------END OF CONNECTION MANAGER-------------------
I have also try
env.put ("java.naming.provider.url", "corbaloc:iiop://localhost:7002");
but it throws the following error
javax.naming.InvalidNameException: url does not conatin !!!
% What is the code for the java client allowing connection with the ejb?
% And better, can I have a sample example for rmi-iiop over ssl?
(...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
speak ssl!)
Any help will be appreciate from you...
Best Regards.
Oliver

"oliver" <[email protected]> writes:
The SSL support is poorly doc'd right now. We have fixed this and
updated the way you do things in SP2. Please either wait for SP2 or
contact support.
andy
I have written an appication like this:
- An EJB server running on Weblogic server 6.1
(named: BankServerHome)
-A java client calling the BankServer.
Platform: windows 2000 - jdk1.3
Now I want to secure the communication with SSL protocol.
I have done this:
-generate a key peer with weblogic service named certificate.
-send the CSR to a CA and place the answer into the weblogic
server certificate directory.
-update path for ServerCertificateChainFileName,
ServerCertificateFileName, ServerKeyFileName into config.xml.
-launch weblogicServer
     -> server certificate is recognized
     -> listening port 7001 and 7002.
(-stop weblogicServer!)
At now, all is all right, errors come hereafter:
Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
"To use RMI over IIOP over SSL with a Java client, do the following:
2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
connections. Be sure to specify the port on which WebLogic Server listens for
SSL connections. For an example of a class that extends the
java.rmi.server.RMISocketFactory class, see Listing 4-22.
3. Run the ejbc compiler with the -d option.
4. Add your extension of the java.rmi.server.RMISocketFactory class to the
CLASSPATH of the Java client.
5. Use the following command options when starting the Java client:
-xbootclasspath/a:%CLASSPATH%
-Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
-Dssl.certs=directory location of digital certificate for Java client
-Dssl.key=directory location of private key for Java client"
At step 3. I found into documentation that -d is linked to a directory name.
When I run ejbc with this option -d I have the message:
"ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
% So what option can I use to run ejbc for secure usage?
At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
this pointed class is not instanciated.
Then I can not create a socket with my client.
The folowing exception is raised:
javax.naming.CommunicationException [Root exception is java.net.ConnectException:
No server found at T3S://localhost:7002]
So, my questions are:
% Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
the server?
My java client part, managing connection is:
-------------------BEGIN OF CONNECTION MANAGER-------------------
Properties env = new Properties ();
// Shouldn't have to do this, but for now you must
if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
env.put ("java.naming.provider.url", "t3s://localhost:7002");
InitialContext context = new InitialContext (env);
BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
BankServer = bssh.create();
-------------------END OF CONNECTION MANAGER-------------------
I have also try
env.put ("java.naming.provider.url", "corbaloc:iiop://localhost:7002");
but it throws the following error
javax.naming.InvalidNameException: url does not conatin !!!
% What is the code for the java client allowing connection with the ejb?
% And better, can I have a sample example for rmi-iiop over ssl?
(...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
speak ssl!)
Any help will be appreciate from you...
Best Regards.
Oliver

Apache plug-in for weblogic server under linux

Ladies and gents,
          Having problems getting the plug-in working..............
          System components:
          RedHat linux 6.1
          BEA Weblogic server 5.1
          Apache web server 1.3.19 (WLS supports the plug-in)
          I have enabled DSO support and verified this using
          {APACHEHOME}/bin/httpd -l which lists mod_so.c as one of its
          components
          I have installed and activated the plug-in using apxs
          To verify that the plug-in was installed I did this:
          %grep weblogic {APACHEHOME}/conf/httpd.conf
          which returns
          LoadModule weblogic_module libexec/mod_wl.so
          BUT NOT:
          AddModule mod_weblogic.c
          I have checked {APACHEHOME}/src/modules/standard and that does not
          contain the file. Please could someone mail me the source file
          "mod_weblogic.c" or enlighten me as to why this not happening.
          Many thanks in advance,
          Kevin


Ladies and gents,
          Having problems getting the plug-in working..............
          System components:
          RedHat linux 6.1
          BEA Weblogic server 5.1
          Apache web server 1.3.19 (WLS supports the plug-in)
          I have enabled DSO support and verified this using
          {APACHEHOME}/bin/httpd -l which lists mod_so.c as one of its
          components
          I have installed and activated the plug-in using apxs
          To verify that the plug-in was installed I did this:
          %grep weblogic {APACHEHOME}/conf/httpd.conf
          which returns
          LoadModule weblogic_module libexec/mod_wl.so
          BUT NOT:
          AddModule mod_weblogic.c
          I have checked {APACHEHOME}/src/modules/standard and that does not
          contain the file. Please could someone mail me the source file
          "mod_weblogic.c" or enlighten me as to why this not happening.
          Many thanks in advance,
          Kevin

Apache 2.2 21 forward Proxy 2 way SSL for weblogic server as a client

Similar Messages

Maybe you are looking for