Certificates in weblogic

Hi!
Is it possible to use self-signed certificates in Weblogic 6.0 ?
How can my company become a CA, and what's the cost ?
Thanks in advance.
Johnny Kee

Configuring Commercial certificates on weblogic server
http://weblogictips.wordpress.com/2008/07/27/configuring-commercial-certificates-on-weblogic-server/
How to debug SSL issues with weblogic server
http://weblogictips.wordpress.com/2010/05/11/how-to-debug-ssl-issues-with-weblogic-server/
Steps to create self sign certificates for weblogic server
http://weblogictips.wordpress.com/2008/07/27/steps-to-create-self-sign-certificates-for-weblogic-server/
thanks,
sandeep

Similar Messages

Problem in installation of free SSL certificate on Weblogic using keytool

We tried to install SSL certificate on weblogic certificate using Keystore ..but it is giving error in console at startup and server shutdowns automatically...
Steps followed:-
1) To generate keystore and private key and digital cerficate:-
keytool -genkey -alias mykey2 -keyalg RSA -keystore webconkeystore.jks -storepass webconkeystorepassword
2) To generate CSR
keytool -certreq -alias mykey2 -file webconcsr1.csr -keyalg RSA -storetype jks -keystore webconkeystore.jks -storepass webconkeystorepassword
3) CSR is uploaded on verisign site to generate free ssl certificate.All certificate text received is paste into file (cacert.pem)
4) Same certificate is put into same keystore using following command
keytool -import -alias mykey2 -keystore webconkeystore.jks -trustcacerts -file cacert.pem
5) Before step 4), we have also installed root /intermediate certificate to include chain using following command.
(intermediateCa.cer file is downloaded from verisign site)
keytool -import -alias intermediateca -keystore webconkeystore.jks -trustcacerts -file intermediateCa.cer
6) After this configuration we used weblogic admin module to configure Keystore and SSL.
7) For KeyStore tab in weblogic admin module, we have select option Custom Identity And Custom Trust provided following details under Identity and Trust columns:-
Private key alias: mykey2
PassKeyphrase: webconkeystorepassword
Location of keystore: location of webconkeystore.jks file on server
8) For SSL tab in weblogic admin module, we have select option KeyStores for Identity and Trust locations.
Error on console:
<Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, java.io.IOException: Failed to retrieve identity key/certificate from keystore /home/cedera/bea9.0/weblogic90/server/lib/webconkeystore.jks under alias mykey2 on server AdminServer.>
<Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090087> <Server failed to bind to the configured Admin port. The port may already be used by another process.>
<Nov 3, 2009 3:00:17 PM IST> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: Server failed to bind to any usable port. See preceeding log message for details.>
<Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Nov 3, 2009 3:00:17 PM IST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
If anyone knows the solution ,please help us out.Thanx in advance.
I was really happy to get reply yesterday from "mv".I was not expecting such instant response.

Thanx all guys for your interest and support.
I have solved this issue.
We have weblogic 9 on unix env.
Following steps which I followed:
#generate private key
keytool -genkey -v -alias uinbrdcsap01_apac_nsroot_net -keyalg RSA -keysize 1024 -dname "CN=linuxbox042, OU=ASIA, O=Citigroup, L=CALC, S=MH, C=IN" -validity 1068 -keypass "webconkeystorepassword" -keystore "cwebconkeystore"
#generate csr
keytool -certreq -v -alias uinbrdcsap01_apac_nsroot_net -file linuxbox042.csr -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass webconkeystorepassword
Then we uploaded this csr on verisigns free ssl certificate to generate and receive certificate text.
We copied that text file in "ert4nov2009.crt" rt file used below.
Apart from that , mail which we received from verisign also contains links to download root ca certificate and intermediate ca certificate.We downloaded them.
roo ca in "root4nov2009.cer" file.
intermediate ca in "intermediateca4nov2009.cer"
both these files used in
#import root certificate
keytool -import -alias rootca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "root4nov2009.cer"
#import intermediate ca certificate
keytool -import -alias intermediateca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "intermediateca4nov2009.cer"
#install free ssl certifiate
keytool -import -alias uinbrdcsap01_apac_nsroot_net -file "cert4nov2009.crt" -trustcacerts -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass "webconkeystorepassword"
#after this admin configuration
In weblogic admin console module, we did following settings:-
1. under Configuration tab
a. Under KeyStore tab
For keystore , we selected "Custom identity and Custom Trust"
Under Identity,
Custom Identity Keystore:location of keystore "webconkeystore" on weblogic server
Custom Identity Keystore Type: JKS
Custom Identity Keystore Passphrase:password for keystore mentioend above.In our case, webconkeystorepassword
Same we copied Under "Trust", as we have not created separate keystore for trust.
Save setting.
b. Under SSL tab
Identity and Trust Locations: select "Keystores"
Private Key Alias: alias used while creating private keyi.e. in our case "uinbrdcsap01_apac_nsroot_net"
Save setting.
c. Under General tab
Check checkbox "SSL Listen Port Enabled"
and mention ssl port "SSL Listen Port"
Save setting.
After this activate changes.You might see error on admin module.
Using command prompt, stop the server and again restart and then try to access using https and port ...
you will definately get output...
in our case issue might be due to key size..we used 1024 key size ..it solve problem.
for your further reference plz find link below..it is also helpful.
http://download.oracle.com/docs/cd/E13222_01/wls/docs81/plugins/nsapi.html#112674

MS-SOAP Toolkit 2, certificates and Weblogic

Hi,
I am trying to work with the Microsoft Toolkit 2 SP 2, client certificates and Weblogic
6.1.
It does not work, I know that the problem is with the Toolkit,
it doesn't agree to work with Weblogic, but maybe someone
in this forum know how to solve it.
So, if someone knows how to solve it, please let me know ASAP.
THANKS,
Tal.

To work with Microsoft MS SOAP Toolkit, you should use either RPC/encoded or document/literal.
Even if RPC/literal is WS-I compliant and is now supported by the .NET 3.0 version of the framework, it's not supported for older releases.
Best,
-Eric

Certificate to weblogic-user mapping using CertAuthenticator

In SSL scenario I have a two way aithentication setup and working.
Now I wanted to use an auto Certificate to weblogic user mapping.
I tried using the SimpleCertAuthenticator (part of examples), and
setup the required properties in weblogic.properties.
SimpleCertAuthenticator is not getting called by the server.
(I put debug statements in SimpleCertAuthenticator.java which are
not being reached).
can somebody who had it successfully running help.
thank you,
escher.

escher,
When connecting from a browser a similar problem arises which can be solved by a patch to sp6. Soon sp7 will fix it, but at the moment sp7 solves that problem but causes another.
I'm confident that the same fix will fix calls from a java client, and thus the example, but I haven't checked yet. If it doesn't I'll let you know.
"escher" <[email protected]> wrote:
>
In SSL scenario I have a two way aithentication setup and working.
Now I wanted to use an auto Certificate to weblogic user mapping.
I tried using the SimpleCertAuthenticator (part of examples), and
setup the required properties in weblogic.properties.
SimpleCertAuthenticator is not getting called by the server.
(I put debug statements in SimpleCertAuthenticator.java which are
not being reached).
can somebody who had it successfully running help.
thank you,
escher.

Godaddy SSL certificate on weblogic

Hello,
Recentally I purchased ssl certificate from godaddy, they send me 2 files (mydomain.crt) and (gd_bundle.crt).
now I don't know how to create .pem file just to complete the installation. below the instruction I did.
- keytool -genkey -alias client -keyalg RSA -keysize 2048 -keystore identity.jks -storepass password -keypass password
- keytool -certreq -keyalg RSA -keysize 2048 -alias client -file certreq.csr -keystore identity.jks -storepass password
here when I enter this I get an error ( keytool error: java.io.FileNotFoundException: CertChain.pem (No such file or directory not found). so how to create the CertChain.pem from the files I got from godaddy.
- keytool -import -file CertChain.pem -alias client -keystore identity.jks -storepass password
- keytool -import -file rootCA.cer -alias RootCA -keystore trust.jks -storepass password
Keytool –list –v –keystore <keystore-name> -storepass <keystore-password>

I found out how to install godaddy ssl certificate on weblogic follow the link below.
http://coreygilmore.com/blog/2009/06/02/install-a-go-daddy-ssl-certificate-for-use-with-jboss-or-the-bes-5-bas/
but I still get This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store.

Invoking secure services inside bpel with x509 certificate and weblogic

Hi, everyone. Here we have a problem with invoking secure webservices (*client authentication*) from a bpel deployed in weblogic that is consuming so much time (more than a week) and don't know what else to try.
The scenario: we have a bpel process which invokes a series of web services without any security mechanisms. Now, we have to change it to invoke a series of webservices that do exactly the same, but using ssl and client authentication with x509 certificates. The first part of it, the ssl one, is done without any problems. But the second part is not working at all, and we (I) are running out of ideas how to configure it in weblogic.
The situation: I want to invoke a webservice, say, Service1. It requires client authentication, so I should pass a certificate (*which I already have*). I put that certificate inside a keystore (with keytool -importkeystore, from p12 to jks). With SoapUI I have no problem now to invoke the service now. But, I'm not sure what should I do to make it work in weblogic; after all, the provider keeps answering with a HTTP 403 Forbidden error.
The actions: inside the weblogic's enterprise manager, in SOA deployments (SOA / soa-infra / default ) I selected my composite, and in the Dashboard (down at Services and references), clicked the particular service (Service1). Then, it took me to another page where I can see statistics about that service, and a tab named Policies. There (in Policies) I have the chance to attach a policy, but I don't know which one is the approppriate; I guest it should be WSS11_x509_token_with_message_protection_service_policy, which in turn asks me to provide a value for keystore.recipient.alias, keystore.sig.csf.key and keystore.enc.csf.key. For this keys, I provide values that I configured in Credentials (Weblogic Domain / Security / Credentials, subtree oracle.wsm.security). My own logic tells me that what I have done is what I should have done, but still no luck :(
I am sure the keystore is ok (if I rename the keystore file it tells me that the keystore file cannot be found, and if I specify an alias which is not inside the keystore it tells me that the alias is not found and list me valid aliases). I guess I am missing something, somewhere, but after many hours (days, almost 2 weeks) googling, still cannot make it work.
Any ideas would be apreciated. If anyone knows about a post or article about this, it would be apreciated too, but I can tell is not that I just googled for 25 minutes, but I have spent more than a week googling, trying, analyzing and reading formal documentation, with no results.
Thanks in advance!

Try to enable SSL and WS debugging on your WLS. Add the following to your startup script:
-Dweblogic.webservice.verbose=true
-Dssl.debug=true
..then you might be able to spot if the rejection is based on some handshake problem.

Facing problem in installing certificate on Weblogic for the SSL

I am doing the setup for secure socket layer(SSL) in weblogic server
.I
have created the certificate which need for ssl by using the Openssl ,
after
that I entered path for all the file relate to setup by using the
weblogic
console. Once I have complete all this entries, I restarted the server ,
at
the time of restart its giving the following error. I am also sending
the
screen short of console and the log files as an attachment.
<Feb 4, 2002 4:45:46 PM GMT-05:00> <Alert> <WebLogicServer> <Security
configuration problem with certificat
e file config/cauvery-key.pem, java.io.EOFException>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at
weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
at
weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
at
weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
at
weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
at weblogic.Server.main(Server.java:35)
<Feb 4, 2002 4:45:58 PM GMT-05:00> <Notice> <Management> <Starting
discovery
of Managed Server... This feat
Please help us to solve this problem

Hi.
Try posting this question in the security newsgroup.
Thanks,
Michael
Ankur wrote:
I am doing the setup for secure socket layer(SSL) in weblogic server
I
have created the certificate which need for ssl by using the Openssl ,
after
that I entered path for all the file relate to setup by using the
weblogic
console. Once I have complete all this entries, I restarted the server ,
at
the time of restart its giving the following error. I am also sending
the
screen short of console and the log files as an attachment.
<Feb 4, 2002 4:45:46 PM GMT-05:00> <Alert> <WebLogicServer> <Security
configuration problem with certificat
e file config/cauvery-key.pem, java.io.EOFException>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at
weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
at
weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
at
weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
at
weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1039)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
at weblogic.Server.main(Server.java:35)
<Feb 4, 2002 4:45:58 PM GMT-05:00> <Notice> <Management> <Starting
discovery
of Managed Server... This feat
Please help us to solve this problem--
Michael Young
Developer Relations Engineer
BEA Support

How do I get a digital certificate for WebLogic Server?

I has three files(*.der, *.pem, *.pem)generated by weblogic certificate sevlet. And I has also got file from verisign throuth my CSR file. But when I give the *.der file to server key file name field on the console, some error occur in my weblogic:
<2002-6-12 %u4E0A%u534811%u65F622%u520614%u79D2> <Alert> <WebLogicServer> <Security configuration pr
oblem with certificate file config/mydomain/eintech-key.der, java.io.EOFExceptio
n>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1045)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:480)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
I don't know where is the error raise? help me?

Hi.
Just a guess, but sometimes this happens when the .der file is actually in .pem format, or vice versa. You might try changing the name of the cert to .pem, specify it in the console and see if that helps.
You also might get a better answer posting this question on the security newsgroup.
Regards,
Michael
javachina wrote:
I has three files(*.der, *.pem, *.pem)generated by weblogic certificate sevlet. And I has also got file from verisign throuth my CSR file. But when I give the *.der file to server key file name field on the console, some error occur in my weblogic:
<2002-6-12 %u4E0A%u534811%u65F622%u520614%u79D2> <Alert> <WebLogicServer> <Security configuration pr
oblem with certificate file config/mydomain/eintech-key.der, java.io.EOFExceptio
n>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1045)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:480)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
I don't know where is the error raise? help me?--
Michael Young
Developer Relations Engineer
BEA Support

Problems using 4096 bit SSL certificate with WebLogic Apache 2.2 plug-in

Hi,
'm using WebLogic 9.2 MP3 and Apache HTTP Server (version 2.2) Plug-In. For security reasons, I have SSL installed on both Apache and WebLogic. So Apache must communicate with WebLogic via https.
I get the following error when attempting to access WebLogic via Apache:
Internet Explorer cannot display the webpage
These are the last lines in wlproxy log:
Fri Feb 26 14:08:59 2010 <71212672221392> INFO: SSL is configured
Fri Feb 26 14:08:59 2010 <71212672221392> SSL Main Context not set. Calling InitSSL
Fri Feb 26 14:08:59 2010 <71212672221331> INFO: Initializing SSL library
I've found that the problem is caused by using a 4096 bit intermediate cert. When I include this 4096 bit cert in the file referenced by plugin parameter "TrustedCAFile", it is unable to load it. I've tested 4096 bit certs from a few different certificate authorities, and consistently see this problem, so I know the problem is not related to the specific certificate. If I use a 2048 bit intermediate certificate, everything works perfectly fine.
Do you know if there are limitations to the certificate length that the plug-in can use?

Yes 4096 bit Certificates are not supported by the plugin.
You can use up to 2048 bit.
There is a Bug which clearly mentions it.
I dont remember the Bug Number, but an Oracle Support person will be able to tell you.
Hope this helps.
Faisal Khan
Edited by: Faisal Khan on Feb 27, 2010 2:08 PM

Accepting runtime-specified SSL certificates in WebLogic 11g

Hi all!
In our application we need to call several Web Servervices based on URL's and trusted SSL certificates that are stored in database. Those certificates are self-signed but we cannot add them in the WebLogic truststore (we only want to accept them for those specific web service calls). This is 2-way SSL but our server refuses the remote certificate.
What is the right way to do this?
In WebLogic 10g we used to do the following:
 WlsSSLAdapter adapter = new WlsSSLAdapter();
 try {
 // setup for client certificate
 adapter.setKeystore(…);
 adapter.setClientCert(…);
 // setup for accepting the remote certificate
 adapter.setTrustManager(new TrustManager() {
 @Override
 public boolean certificateCallback(X509Certificate[] paramArrayOfX509Certificate, int paramInt) {
 return paramArrayOfX509Certificate[0] == expectedCertificate;
 } catch (Exception e) {
 throw new RuntimeException(e);
 ((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(weblogic.wsee.jaxrpc.WLStub.SSL_ADAPTER, adapter);However in WebLogic 11g it appears that even if the <tt>TrustManager</tt> is called (which we checked by using a debugger), WebLogic refuses the certificate:
<validationCallback: validateErr = 16>
< cert[0] = Serial number: 9232073310112809071929676484517784211
 Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
 Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
 Not Valid Before:Tue Nov 01 14:33:31 CET 2011
 Not Valid After:Sun Nov 02 14:33:31 CET 2031
 Signature Algorithm:MD5withRSA
 >
<weblogic user specified trustmanager validation status 16>
<Certificate chain received from mestoudi2 - 10.142.0.23 was not trusted causing SSL handshake failure.>
<Validation error = 16>
<Certificate chain is untrusted>
<SSLTrustValidator returns: 16>
<Trust status (16): CERT_CHAIN_UNTRUSTED>
<NEW ALERT with Severity: FATAL, Type: 42
 java.lang.Exception: New alert stack
 at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
 at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
 at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
…I think the first difference occurs on the line "+weblogic user specified trustmanager validation status 16+" where in WebLogic 10g the value was 0 instead of 16.
If we check "Use JSSE SSL" in the WebLogic administration console (which switches the implementation to com.sun.net.ssl instead of com.certicom.tls), the <tt>TrustManager</tt> is not called at all.
We also tried to configure the <tt>TrustManager</tt> by implementing a <tt>javax.net.ssl.X509TrustManager</tt> that we set on a <tt>weblogic.wsee.connection.transport.https.HttpsTransportInfo</tt> passed to the stub using
((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(TRANSPORT_INFO, transportInfo);But it is not called either – however it works for setting up a proxy for example. We are generating the stubs using the clientgen Ant task (<tt>weblogic.wsee.tools.anttasks.ClientGenTask</tt>).
We are a little bit stuck, any idea of what we should do? Is the WebLogic 11g behavior a regression or is there something else we should configure to get back the old behavior?

Hello,
Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.
look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore
I suggest that you change the default configuration (not using the demo one),
then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :
opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts
once your certificated is added to your trust store it should work.
I hope it will help.

Server Certificate on Weblogic 8.1

Hi. I know it is really dumb to ask these questions but I urgently need to know these as I am on a very tight project schedule. So can someone please enlighten me.
1. If I use SSL protocol and configure to use server certificate, may I know when someone enter my URL, will internet explorer prompt my client for certificate?
2. Do I really need SSL for configuring Certificate? If I do not use, can I still configure and use Server Certificate?
3. Can I reuse the server certificate on my Weblogic 5.1 to Weblogic 8.1 since I am migrating from WL5.1 to WL8.1?
My certificates files in WL 5.1 are in the form of *.pem
Cheers

If you get (for example) a 128-bit SSL certificate from Verisign you need to specify a Certificate Signing Request (CSR). This is unique for each server. If you have upgraded your server and the CSR generated from the weblogic CSR generator servlet is the same as it was in the previous version, then I guess you can use the same certificate. If the CSR has changed then I think you will need to replace the certificate, this costs $100. If it's been less than 30 days since your certificate was issued, it's free.

How to configure SSL certificates on weblogic 10.3.5?

Hi everybody,
i' ve got 2 certificates: Server and Intermediate CA. I used java keytool command to import these two certificates into new keystore:
keytool -import -v -alias server_cert -file certificate.pem -keystore keystore.jks
keytool -import -v -alias intermediate_ca -file intermediate.pem -keystore keystore.jks
Then as weblogic 10.3.5 documentation says i need to use ImportPrivateKey utility in order to import private key into keystore, so i use this command:
java utils.ImportPrivateKey -keystore private.jks -storepass password -keyfile mykey -keyfilepass password -keyfile private.pem -alias private
and get the following error:
Exception in thread "main" java.lang.NoClassDefFoundError: utils.ImportPrivateKey
at gnu.java.lang.MainThread.run(libgcj.so.7rh)
Caused by: java.lang.ClassNotFoundException: utils.ImportPrivateKey not found in gnu.gcj.runtime.SystemClassLoader{urls=[file:./], parent=gnu.gcj.runtime.ExtensionClassLoader{urls=[], parent=null}}
at java.net.URLClassLoader.findClass(libgcj.so.7rh)
at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
at gnu.java.lang.MainThread.run(libgcj.so.7rh)
Any ideas? Thanks.
Regards,
Karolis M.

Hello,
Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.
look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore
I suggest that you change the default configuration (not using the demo one),
then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :
opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts
once your certificated is added to your trust store it should work.
I hope it will help.

Error in starting weblogic commerce server on Win2000

I downloaded the evaluation release of Weblogic Commerce 3.1 and th licence,
and installed it on Windows 2000 Professional,
I have a Weblogic Application Server 5.1 installed
the server did not start and gave an error, please help us as to what the
problem is and how to get it running.
=========== Error Message ===============
JAVA_CLASSPATH IS
C:\jdk\lib\tools.jar;C:\weblogic\lib\weblogic510sp6boot.jar;C:
\weblogic\classes\boot
WEBLOGIC_CLASSPATH IS
C:\weblogic\lib\weblogic510sp6.jar;C:\weblogic\lib\WebLogi
c_RDBMS.jar;C:\weblogic\license;C:\weblogic\classes;C:\weblogic\lib\weblogic
aux.
jar;C:\weblogic\lib\weblogic-tags-510.jar;C:\WebLogicCommerceServer3.1\licen
se;C
:\WebLogicCommerceServer3.1\classes;C:\WebLogicCommerceServer3.1\lib\rules.j
ar;C
:\WebLogicCommerceServer3.1\lib\jrulesserviceprovider.jar;C:\WebLogicCommerc
eSer
ver3.1\deploy\bmp\classes;C:\WebLogicCommerceServer3.1\eval\win32\Taxware\cl
asse
s;C:\weblogic\eval\cloudscape\lib\cloudscape.jar;C:\weblogic\eval\cloudscape
\lib
\tools.jar;C:\weblogic\eval\cloudscape\lib\client.jar
Fri Dec 01 11:04:39 GMT+05:30 2000: <WebLogicServer> Read global
properties C:\WebLogicCommerceServer3.1\weblogic.propertie
Fri Dec 01 11:04:39 GMT+05:30 2000: <WebLogicServer> No per-server
properties files found
Fri Dec 01 11:04:39 GMT+05:30 2000: <Logging> FileLogger initialized.
Fri Dec 01 11:04:39 GMT+05:30 2000: <WebLogicServer> ************
WebLogic Server (5.1.0 04/03/2000 17:13:23 #66825) 'serve
:\WebLogicCommerceServer3.1
Fri Dec 01 11:04:39 GMT+05:30 2000: <WebLogicServer> ************ (c)
1995, 1996, 1997, 1998 WebLogic, Inc., (c) 1999 BEA S
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.swapIntervalSecs', current value: '10'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.ConnectionConsumer', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.enforceClientCert', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.login.readTimeoutMillis', current value: '5000'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.propertiesFile', current value: 'C:\WebLogicCo
.properties'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.bindAddr', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.servlet.reloadCheckSecs', current value: '-1'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.authRealmName', current value: 'WebLogic Server
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.SSLHandler.enable', current value: 'true'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.startupFailureIsFatal', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.http.keepAliveSecs', current value: '60'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.servlet.classpath', current value: ''
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.tunneling.clientPingSecs', current value: '45'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.defaultWebApp', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.persistentStoreDir', current value: 'se
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.perServerPropertiesFile', current value: 'null
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.queue', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.invalidationIntervalSecs', current valu
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.persistence', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.realm.cache.user.enable', current value: 'tr
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.rmi.dgc.callSystemGC', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.enableEvents', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.maxTransactedDurableSubscribers', current value:
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.weight', current value: '100'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.connectionPoolArgs', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.disableGuest', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.persistentStorePool', current value: ''
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.URLAclFile', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.percentSocketReaders', current value: '33'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.zac.enable', current value: 'true'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jdbc.TXDataSource', current value: '[weblogic.jdbc.TX
.jts.commercePool=commercePool ]'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.DNSName', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.ejb.deploy', current value: 'C:/WebLogicCommerceServe
C:/WebLogicCommerceServer3.1/lib/axiom.jar,C:/WebLogicCommerceServer3.1/lib/
ebusiness.jar,C:/WebLogicCommerceServer3.1/lib/adv
erceServer3.1/lib/bridge.jar,C:/WebLogicCommerceServer3.1/lib/document.jar,C
:/WebLogicCommerceServer3.1/lib/p13nadvisor.jar,C:
.1/lib/portal.jar,C:/WebLogicCommerceServer3.1/lib/ruleeditorbeans.jar,C:/We
bLogicCommerceServer3.1/lib/rulesservice.jar,C:/We
lib/servicemgr.jar'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.workspace.showUserKeysOnly', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.enable', current value: 'true'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.allow', current value: '[weblogic.allow.reserve.weblo
commercePool=everyone
weblogic.allow.execute.weblogic.servlet.Certificate=system
weblogic.allow.execute.weblogic.servlet.Admin
low.execute.weblogic.servlet.AdminLicense=system
weblogic.allow.execute.weblogic.servlet.AdminConnections=system
weblogic.allo
et.classes=everyone
weblogic.allow.execute.weblogic.servlet.AdminClients=system
weblogic.allow.execute.weblogic.servlet.AdminV
llow.execute.weblogic.servlet.AdminMain=system
weblogic.allow.execute.weblogic.servlet.AdminThreads=system
weblogic.allow.rese
tionPool.docPool=everyone weblogic.allow.read.weblogic.workspace=everyone
weblogic.allow.execute.weblogic.servlet.AdminEvents=
ite.weblogic.workspace=everyone
weblogic.allow.execute.weblogic.servlet.AdminJDBC=system
weblogic.allow.execute.weblogic.servl
ow.execute.weblogic.servlet.AdminProps=system
weblogic.allow.execute.weblogic.servlet.ConsoleHelp=everyone ]'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.listenPort', current value: '7501'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.allow', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.servlet.reloadOnModify', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.io.fileSystem', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.startupArgs', current value: '[weblogic.system
p=TraceFlags=E ]'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jdbc.enableLogFile', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.cookie.domain', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.realm.debug', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.clustering.enable', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.enable', current value: 'true'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.shutdownArgs', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.rmi.startupClass', current value: '[weblogic.rmi.star
blogic.rmi.internal.RegistryImpl ]'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.keepAlive.enable', current value: 'true'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.jdbc.connTimeoutSecs', current value: '
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.name', current value: 'server'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.helpPageURL', current value: 'http://www.weblo
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.key.server', current value: 'C:\WebLogicComm
okey.pem'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.rmi.startupArgs', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.topicSessionPool', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.logFileBufferKBytes', current value: '8'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.home', current value: 'C:\weblogic'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.documentRoot', current value: 'public_html'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.servlet.reloadOnModifyRecursive', current value
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.errorPage', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.certificate.authority3', current value: 'nul
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.administrativePort', current value: '0'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.certificate.authority2', current value: 'nul
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.startupClass', current value: '[weblogic.syste
tup=com.beasys.commerce.foundation.plugin.weblogic.TraceStartup
weblogic.system.startupClass.KeyBootstrap=com.beasys.commerce.
otstrap
weblogic.system.startupClass.serviceManager=com.beasys.commerce.servicemanag
er.CommerceServiceManagerStartup ]'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.nonPrivGroup', current value: 'nobody'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.cluster.multicastTTL', current value: '1'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.home', current value: 'C:\WebLogicCommerceServ
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.https.keepAliveSecs', current value: '120'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jndi.transportableObjectFactories', current value: ''
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.certificateCacheSize', current value: '3'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.tunneling.clientTimeoutSecs', current value: '4
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jdbc.DataSource', current value: '[weblogic.jdbc.Data
l.docPool=docPool ]'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.nonPrivUser', current value: 'nobody'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.zac.publishRoot', current value: 'exports'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.clientRootCA', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.cluster.defaultLoadAlgorithm', current value: 'round-
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.enable', current value: 'true'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.administrator.phone', current value: '(None)'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jdbc.connectionPool', current value: '[weblogic.jdbc.
rl=jdbc:beasys:docmgmt:com.beasys.commerce.axiom.document.ref.RefDocumentPro
vider,driver=com.beasys.commerce.axiom.document.jd
=0,initialCapacity=10,maxCapacity=20,capacityIncrement=1,allowShrinking=true
,shrinkPeriodMins=15,refreshMinutes=5,props=jdbc.u
mmercePool;jdbc.isPooled=true;weblogic.t3.waitForConnection=true;weblogic.t3
.waitSecondsForConnection=999999999999;weblogic.jt
onSecs=999999999999;docBase=C:/WebLogicCommerceServer3.1/dmsBase;schemaXML=C
:/WebLogicCommerceServer3.1/dmsBase/doc-schema.xml
nPool.commercePool=url=jdbc:cloudscape:Commerce;create=true;upgrade=true,dri
ver=COM.cloudscape.core.JDBCDriver,loginDelaySecs=
Capacity=20,capacityIncrement=1,allowShrinking=true,shrinkPeriodMins=15,test
ConnsOnReserve=true,testTable=WLCS_IS_ALIVE,refres
ne;password=none;server=none;weblogic.t3.waitForConnection=true;weblogic.t3.
waitSecondsForConnection=999999999999,weblogic.jts
nSecs=999999999999,verbose=false ]'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.debug', current value: 'false'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.jdbc.logFileName', current value: 'C:\WebLogicCommerc
og'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.cluster.dnsName', current value: 'null'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.requireAuthentication', current value: 'true'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.cluster.multicastAddress', current value: ''
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.defaultSecureProtocol', current value: 't3s'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.security.realm.cache.auth.enable', current value: 'tr
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.system.executeThreadCount', current value: '15'
Fri Dec 01 11:04:39 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.cookie.comment', current value: 'Weblog
ng Cookie'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.tableNamePrefix', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.connectionPool', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.shutdownClass', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.defaultServlet', current value: 'file'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.cluster.name', current value: 'mycluster'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.defaultProtocol', current value: 't3'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.postTimeoutSecs', current value: '30'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.group', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.realm.cache.caseSensitive', current value: '
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.certificate.server', current value: 'C:\WebL
rver\democert.pem'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.mimeType', current value: '[weblogic.httpd.mime
.wmlscriptc=wmlsc weblogic.httpd.mimeType.application/x-java-vm=class
weblogic.httpd.mimeType.image/gif=gif weblogic.httpd.mim
stream=exe weblogic.httpd.mimeType.text/html=html,htm
weblogic.httpd.mimeType.application/pdf=pdf weblogic.httpd.mimeType.appl
ar weblogic.httpd.mimeType.image/jpeg=jpeg,jpg
weblogic.httpd.mimeType.image/vnd.wap.wbmp=wbmp
weblogic.httpd.mimeType.applica
tpd.mimeType.text/vnd.wap.wmlscript=wmls
weblogic.httpd.mimeType.text/vnd.wap.wml=wml
weblogic.httpd.mimeType.application/vnd.
ttpd.mimeType.application/x-java-serialized-object=ser ]'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.webApp', current value: '[weblogic.httpd.webApp
rceServer3.1/server/webapps/examples/portal/portal.war
weblogic.httpd.webApp.tools=C:/WebLogicCommerceServer3.1/server/webapps
c.httpd.webApp.wlcs=C:/WebLogicCommerceServer3.1/server/webapps/wlcs/ ]'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.minPasswordLen', current value: '8'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.connectionFactoryArgs', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.persistentStoreType', current value: 'f
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.cacheEntries', current value: '1024'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.certificate.authority', current value: 'C:\W
\server\ca.pem'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.resource.MailSession', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.cookie.maxAgeSecs', current value: '-1'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.login.readTimeoutMillisSSL', current value: '25000'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.cluster.enable', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.SSL.ciphersuites', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.indexFiles', current value: 'index.html,index.h
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.password', current value: '[weblogic.password.system=
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.enableLogFile', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.enableReverseDNSLookups', current value: 'fals
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.indexDirectories', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.maxLogFileSize', current value: '1024'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.logFile', current value: 'C:\WebLogicCommerceS
.log'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.timeoutSecs', current value: '3600'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.logFileFormat', current value: 'common'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.perClusterPropertiesFile', current value: 'nul
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.key.export.lifespan', current value: '500'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.CORBA.connectionPool', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'java.system.property', current value: '[java.system.property.c
/WebLogicCommerceServer3.1/db/data ]'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.logFileName', current value: 'C:\WebLogicCommer
s.log'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.defaultMimeType', current value: 'text/plain'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.debug.httpd.servlet', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.connectionFactoryName', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.SSLListenPort', current value: '7502'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.URLResource', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.cookie.name', current value: 'WebLogicS
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.quiescent', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.register', current value: '[weblogic.httpd.regi
sys.commerce.foundation.flow.FlowManager
weblogic.httpd.register.AdminProps=admin.AdminProps
weblogic.httpd.register.classes=w
hServlet weblogic.httpd.register.AdminEvents=admin.AdminEvents
weblogic.httpd.register.AdminMain=admin.AdminMain weblogic.http
gic.servlet.ServerSideIncludeServlet
weblogic.httpd.register.servletimages=weblogic.servlet.internal.InternalImag
eServlet webl
oleHelp=weblogic.servlet.ClasspathServlet
weblogic.httpd.register.AdminJDBC=admin.AdminJDBC
weblogic.httpd.register.ShowDocSer
.content.ShowDocServlet
weblogic.httpd.register.*.jsp=weblogic.servlet.JSPServlet
weblogic.httpd.register.AdminCaptureRootCA=a
weblogic.httpd.register.AdminRealm=admin.AdminRealm
weblogic.httpd.register.AdminLicense=admin.AdminLicense weblogic.httpd.reg
certificate weblogic.httpd.register.AdminConnections=admin.AdminConnections
weblogic.httpd.register.AdminClients=admin.AdminCl
ister.file=weblogic.servlet.FileServlet
weblogic.httpd.register.AdminVersion=admin.AdminVersion
weblogic.httpd.register.authen
.ClientAuthenticationServlet
weblogic.httpd.register.AdminThreads=admin.AdminThreads ]'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.clientRootCA4', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.clientRootCA3', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.clientRootCA2', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.cookies.enable', current value: 'true'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.servlet.extensionCaseSensitive', current value:
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.realm.cache.group.enable', current value: 't
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.nativeIO.enable', current value: 'true'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.rmi.enableServerSideStubs', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.cookie.path', current value: '/'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.session.URLRewriting.enable', current value: 't
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.enableSetUID', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.realm.cache.acl.enable', current value: 'tru
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.topic', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.administrator.name', current value: 'WebLogic Adminis
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.jms.queueSessionPool', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.ssl.enable', current value: 'true'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.administrator.location', current value: '(None)'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.enableSetGID', current value: 'false'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.initArgs', current value: '[weblogic.httpd.init
Filename=/weblogic/admin/help/NoContent.html
weblogic.httpd.initArgs.*.jsp=pageCheckSeconds=0,packagePrefix=jsp,compileCo
mmand
gDir=C:/WebLogicCommerceServer3.1/server/classfiles,verbose=false,keepgenera
ted=false weblogic.httpd.initArgs.file=defaultFile
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.administrator.email', current value: 'root'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.enableConsole', current value: 'true'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.security.realm.cache.perm.enable', current value: 'tr
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.system.user', current value: 'system'
Fri Dec 01 11:04:40 GMT+05:30 2000: <Config> Property name:
'weblogic.httpd.charsets', current value: 'null'
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> awt.toolkit =
sun.awt.windows.WToolkit
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> cloudscape.system.home
= C:/WebLogicCommerceServer3.1/db/data
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> commerce.properties =
C:\WebLogicCommerceServer3.1\weblogiccommerce.prop
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> file.encoding = Cp1252
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> file.encoding.pkg =
sun.io
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> file.separator = \
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.awt.fonts =
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.awt.graphicsenv =
sun.awt.Win32GraphicsEnvironment
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.awt.printerjob =
sun.awt.windows.WPrinterJob
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.class.path =
C:\jdk\lib\tools.jar;C:\weblogic\lib\weblogic510sp6boo
s\boot
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.class.version =
46.0
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.compiler =
symcjit
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.ext.dirs =
C:\jdk\jre\lib\ext
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.home = C:\jdk\jre
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.io.tmpdir =
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.library.path =
C:\jdk\bin;.;C:\WINNT\System32;C:\WINNT;C:\WINNT\sys
System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\BINN;C:\Program
Files\Microsoft Visual Studio\Common\MSDev98\Bin;
ft Visual Studio\Common\Tools;C:\Program Files\Microsoft Visual
Studio\VC98\bin;C:\jdk\bin;C:\weblogic\bin;C:\weblogic\bin;C:\
1\eval\win32\CyberCash\bin;C:\WebLogicCommerceServer3.1\eval\win32\Taxware\b
in
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
java.protocol.handler.pkgs = weblogic.utils|weblogic.utils
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.security.manager
=
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.security.policy =
C:\weblogic\weblogic.policy
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
java.specification.name = Java Platform API Specification
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
java.specification.vendor = Sun Microsystems Inc.
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
java.specification.version = 1.2
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.vendor = Sun
Microsystems Inc.
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.vendor.url =
http://java.sun.com/
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.vendor.url.bug =
http://java.sun.com/cgi-bin/bugreport.cgi
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.version = 1.2.2
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.vm.info = build
JDK-1.2.2-001, native threads, symcjit
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.vm.name = Classic
VM
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
java.vm.specification.name = Java Virtual Machine Specification
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
java.vm.specification.vendor = Sun Microsystems Inc.
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
java.vm.specification.version = 1.0
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.vm.vendor = Sun
Microsystems Inc.
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> java.vm.version =
1.2.2
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> line.separator =
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> os.arch = x86
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> os.name = Windows NT
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> os.version = 5.0
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> path.separator = ;
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> pipeline.properties =
C:\WebLogicCommerceServer3.1\pipeline.properties
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> sun.boot.class.path =
C:\jdk\jre\lib\rt.jar;C:\jdk\jre\lib\i18n.jar;C:\j
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> sun.boot.library.path
= C:\jdk\jre\bin
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props>
sun.io.unicode.encoding = UnicodeLittle
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> user.dir =
C:\WebLogicCommerceServer3.1
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> user.home =
C:\Documents and Settings\Administrator
Fri Dec 01 11:04:40 GMT+05:30 2000: <System Props> user.language = en
Fri Dec 01 11:04:40 GMT+05:30 2

Hello Muffy,
It looks like you do not have WLS 5.1 service pack 6 installed correctly. I
say this because I do not see the sp6 message at the top of your log and I saw
this message in your log:
org.xml.sax.SAXParseException: Element "weblogic-enterprise-bean" allows no
further input; "transaction-isolation" is not allowed
Ture Hoefner
BEA Systems, Inc.
2590 Pearl St.
Suite 110
Boulder, CO 80302
www.bea.com

JAX-WS client - WebLogic - SSL with proxy server

Good night!
I'm having trouble communicating with webservices using certificate authentication (weblogic.wsee.jaxws.sslclient.PersistentSSLInfo) through and going through a proxy server (weblogic.wsee.jaxws.proxy.ClientProxyFeature) .
If communication with the webservice is done directly (no proxy server) everything happens perfectly, but to set the proxy server I get the exception "BAD_CERTIFICATE." it is as if the certificate was not attached in the request.
The webservice client was generated by JDeveloper.
Has anyone experienced this problem?
Sorry for my bad english
Exception
javax.xml.ws.WebServiceException: javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
 at com.sun.xml.ws.transport.http.client.HttpClientTransport.readResponseCodeAndMessage(HttpClientTransport.java:218)
 at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:204)
 at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:124)
 at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:121)
 at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:866)
 at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:815)
 at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:778)
 at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:680)
 at com.sun.xml.ws.client.Stub.process(Stub.java:272)
 at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:153)
 at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
 at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
 at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:136)
 at $Proxy30.cleCadastroLote(Unknown Source)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at weblogic.wsee.jaxws.spi.ClientInstanceInvocationHandler.invoke(ClientInstanceInvocationHandler.java:84)
 at $Proxy31.cleCadastroLote(Unknown Source)
 at br.com.tbl.ws.CleCadastroPortClient.main(CleCadastroPortClient.java:51)
Webservice client with proxy server (error)
import weblogic.wsee.jaxws.sslclient.PersistentSSLInfo;
import javax.xml.ws.BindingProvider;
import weblogic.wsee.jaxws.JAXWSProperties;
import weblogic.wsee.jaxws.proxy.ClientProxyFeature;
import weblogic.wsee.jaxws.sslclient.SSLClientUtil;
public class CleCadastroPortClient
public static void main(String [] args)
try{
CleCadastro_Service cleCadastro_Service = new CleCadastro_Service();
CleCadastro cleCadastro = cleCadastro_Service.getCleCadastroPort();
String clientKeyStore = "C:\\certificados.jks";
String clientKeyStorePasswd = "xxxxx";
String clientKeyAlias = "xxxxx";
String clientKeyPass = "xxxxx";
String trustKeystore = "C:\\keystore_completo.jks";
String trustKeystorePasswd = "xxxxx";
PersistentSSLInfo sslInfo = new PersistentSSLInfo();
sslInfo.setKeystore(clientKeyStore);
sslInfo.setKeystorePassword(clientKeyStorePasswd);
sslInfo.setKeyAlias(clientKeyAlias);
sslInfo.setKeyPassword(clientKeyPass);
sslInfo.setTrustKeystore(trustKeystore);
sslInfo.setTrustKeystorePassword(trustKeystorePasswd);
ClientProxyFeature clientProxy = new ClientProxyFeature();
clientProxy.setProxyHost("proxy.com");
clientProxy.setProxyPort(Integer.parseInt("3128") );
clientProxy.setProxyUserName("user");
clientProxy.setProxyPassword("pass");
clientProxy.attachsPort(cleCadastro);
((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.CLIENT_PERSISTENT_SSL_INFO, sslInfo);
((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, SSLClientUtil.getSSLSocketFactory(sslInfo));
((BindingProvider) cleCadastro).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "https:/xxxx/ws");
String retorno = cleCadastro.cleCadastroLote("xml", "xml");
}catch(Exception ex){
ex.printStackTrace();
Webservice client without proxy server (OK)
import weblogic.wsee.jaxws.sslclient.PersistentSSLInfo;
import javax.xml.ws.BindingProvider;
import weblogic.wsee.jaxws.JAXWSProperties;
import weblogic.wsee.jaxws.proxy.ClientProxyFeature;
import weblogic.wsee.jaxws.sslclient.SSLClientUtil;
public class CleCadastroPortClient
public static void main(String [] args)
try{
CleCadastro_Service cleCadastro_Service = new CleCadastro_Service();
CleCadastro cleCadastro = cleCadastro_Service.getCleCadastroPort();
String clientKeyStore = "C:\\certificados.jks";
String clientKeyStorePasswd = "xxxxx";
String clientKeyAlias = "xxxxx";
String clientKeyPass = "xxxxx";
String trustKeystore = "C:\\keystore_completo.jks";
String trustKeystorePasswd = "xxxxx";
PersistentSSLInfo sslInfo = new PersistentSSLInfo();
sslInfo.setKeystore(clientKeyStore);
sslInfo.setKeystorePassword(clientKeyStorePasswd);
sslInfo.setKeyAlias(clientKeyAlias);
sslInfo.setKeyPassword(clientKeyPass);
sslInfo.setTrustKeystore(trustKeystore);
sslInfo.setTrustKeystorePassword(trustKeystorePasswd);
((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.CLIENT_PERSISTENT_SSL_INFO, sslInfo);
((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, SSLClientUtil.getSSLSocketFactory(sslInfo));
((BindingProvider) cleCadastro).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "https:/xxxx/ws");
String retorno = cleCadastro.cleCadastroLote("xml", "xml");
}catch(Exception ex){
ex.printStackTrace();
}

Hi,
I tried to use the option "-DUseSunHttpHandler=true" and enabled "JSSE SSL", but it did not work, now showing the exception "General SSLEngine problem".
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <javax.xml.ws.WebServiceException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.http.client.HttpClientTransport.readResponseCodeAndMessage(HttpClientTransport.java:218)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:204)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:124)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:866)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:121)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:815)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:778)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:680)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at $Proxy308.cleCadastroLote(Unknown Source)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:136)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:153)>
<05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.Stub.process(Stub.java:272)>

Sunone webserver(proxy) --SSL- weblogic

In our environment we are using Sunone webserver 7.0.9 as a proxy server to forward the request to the weblogic server 10.3.3. Now the requirement is to secure the communication between the proxy and weblogic server. As a standard way we can configure the proxy server to use SSL in obj.conf as below:
<Object name=”weblogic” ppath=”*/DefaultWebApp/*”>
Service fn=wl_proxy WebLogicHost=”myIP WebLogicPort=”mySSLPort SecureProxy=”ON” Debug=”ALL” WLLogFile=”/home/support/IPlanet60SP5/server/logsupport.txt” TrustedCAFile=”/home/support/IPlanet60SP5/TrustedCA.pem” RequireSSLHostMatch=”true”
</Object>
My question is when we have installed a self signed certificate on weblogic, how do we trust that certificate in the proxy server. If it was a third party certificate we can get the root CA certificate that can be added as trust entry in the obj.conf. But in self signed case we do not have a intermediate or root certificate. So how do we trust the self signed server certificate in the proxy server.

851935 wrote:
In our environment we are using Sunone webserver 7.0.9 as a proxy server to forward the request to the weblogic server 10.3.3. Now the requirement is to secure the communication between the proxy and weblogic server. As a standard way we can configure the proxy server to use SSL in obj.conf as below:
<Object name=”weblogic” ppath=”*/DefaultWebApp/*”>
Service fn=wl_proxy WebLogicHost=”myIP WebLogicPort=”mySSLPort SecureProxy=”ON” Debug=”ALL” WLLogFile=”/home/support/IPlanet60SP5/server/logsupport.txt” TrustedCAFile=”/home/support/IPlanet60SP5/TrustedCA.pem” RequireSSLHostMatch=”true”
</Object>
My question is when we have installed a self signed certificate on weblogic, how do we trust that certificate in the proxy server. If it was a third party certificate we can get the root CA certificate that can be added as trust entry in the obj.conf. But in self signed case we do not have a intermediate or root certificate. So how do we trust the self signed server certificate in the proxy server.Just import the self signed cert as trusted.

Certificates in weblogic

Similar Messages

Maybe you are looking for