Deploying the certificate on WebLogic

After you obtain the SSL certificate, you must deploy the certificate to the Content Platform Engine server.

About this task

The keystore that you created in the WL_HOME/user_projects/domains/domain_name directory is the identity keystore for WebLogic. You can use the Java standard truststore in the JAVA_HOME/jre/lib/security/cacerts directory as the truststore for WebLogic.

Procedure

To deploy the certificate:

  1. Log in to the WebLogic administration console.
  2. Navigate to Environment > Servers > server name.
  3. Click the Configuration tab.
  4. Click the General tab.
  5. Select the SSL Listen Port Enabled checkbox.
  6. Enter a value for SSL Listen Port.
    The default port number is 7002.
  7. Click Save.
  8. Click the Keystores tab.
  9. Click Change.
  10. Select the Custom Identity and Java Standard Trust option, and click Save.
  11. In the Identity section, enter values for the following fields:
    Field Example value
    Custom Identity Keystore: C:\bea\user_projects\domains\mydomain\server.keystore
    Keystore Type JKS
    Keystore Passphrase changeit
  12. Click Save.
  13. Make a note of the value for the Java Standard Trust Keystore field.
    For example, the keystore value is C:\bea\jdk160_21\jre\lib\security\cacerts.
  14. Click the SSL tab.
  15. In the Private Key Alias field, enter the alias of the identity certificate that you added to your keystore, such as cpe-alias.
  16. In the Private Key Passphrase field, enter the value for this identity certificate, such as YourKeyPassword.
  17. Click Save.
  18. From the command line, change to the directory that contains the certificate that you exported from your identity keystore.
    For example, change to the C:\bea\user_projects\domains\mydomain directory that contains the server.crt certificate file.
  19. Import this certificate into the Java standard trust location you noted above by using the following command: 
    keytool -import -alias cpe-alias -file server.crt 
 -keystore C:\bea\jdk160_21\jre\lib\security\cacerts -storepass password
    Important: The default password for the Java standard truststore is changeit. Change the password in a production environment.
  20. Edit the WebLogic startup script to add the following JVM argument to the Java command line: 
    -DUseSunHttpHandler=true
  21. Restart the WebLogic server.