Thursday, March 24, 2011

Weblogic 10.3.5 Configuring 2 Way SSL for SOA and OSB Serversin Weblogic

Weblogic 10.3.5 Configuring 2 Way SSL for SOA and OSB Servers in Weblogic
By default, WebLogic Server is configured to use one-way SSL (the server passes its identity to the client). For a more secure SSL connection, use two-way SSL. In a two-way SSL connection, the client verifies the identity and trust of the server and then passes its identity to the server. The server then validates the identity and trust of the client before completing the SSL connection. The server determines whether or not two-way SSL is used.
Before configuring two-way SSL, ensure the Trust key store for the server includes the certificate for the trusted certificate authority that signed the certificate for the client.
To enable two-way SSL:
  1. Configure one-way SSL as described in Configuring SSL.
  2. Expand the Servers node.
  3. Select the name of the server for which you want to configure two-way SSL (for example, exampleserver).
  4. Select the Configuration-->Keystores and SSL tab.
  5. Click the Show link under Advanced Options.
  6. Go to the Server attributes section of the window.
  7. Set the Two Way Client Cert Behavior attribute. The following options are available:
    • Client Certs Not Requested—The default (meaning one-way SSL).
    • Client Certs Requested But Not Enforced—Requires a client to present a certificate. If a certificate is not presented, the SSL connection continues.
    • Client Certs Requested And Enforced—Requires a client to present a certificate. If a certificate is not presented or if the certificate is not trusted, the SSL connection is terminated.

  1. Click Apply.
  2. Reboot WebLogic Server.

No comments:

Post a Comment

SOA Cloud 12c GIT Repository

When a project is created, you can choose to initialize the project with one project Git repository for the project. A Maven repository is a...