• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1017
  • Last Modified:

Can i use keystore, certificate files that are generated by keytool in weblogic.

Hi experts,

This is the question related to Weblogic & SSL.

I am using self-signed certificate generated by the keytool the tool provided by the java (j2sdk1.4.2_10). but to use self-signed certificate with weblogic, process of generating certifcate and keystore is somewhat different, that is we have to use weblogic utils tool.

Is there any way to use keystore and certifcate files that are generated by keytool in weblogic ?

Please give me reply ASAP

Thanks in advance.

  • 2
1 Solution

it is actually very simple to do it. First you have to use the CertGen utility to generate certificates and keys:

java util.CertGen mypass myTestCert myTestKey

The above command will create a private key identity (myTestKey) and a digital certificate (myTestCert). "mypass" is the password for the private key identity. You then need to use a certification from a certification authority. You can also use the one that comes with WebLogic server, named "CertGenCA.pem" which is in %ΒΕΑ_ΗΟΜΕ%\weblogic81\server\lib. In a production environment this certificate should be from a trusted CA liek Thwate or Verisign.

Use the command

type testcert.pem CertGenCA.pem >> newcerts.pem

to add the certificates into a new one called "newcerts.pem" You now need to use the command:

java utils.ImportPrivateKey myKeyStore mypasswd mykey mykeypass newcerts.pem testkey.pem

in order to cerate a new keystore and load your private key into the file "testkey.pem".

You can go to the console now and click on the server and then on the Keystore & SSL tab. Choose Custom Identity And Java Standard Trust (you will use the standard java mechanism with the "cacerts" file and in the next screen give the values you used when you created the keystore (myKeyStore, jks, mypasswd  (keystore's password)). The password for the standard java mechanism is "changeit".

Now restart WebLogic server and you are set. Note that you can see your own certification loaded if you change the debug level to info (you can do this from the console, from the Logging tab. For a few more info you can have a look here: http://www.samspublishing.com/articles/article.asp?p=381389&seqNum=2&rl=1


should be


Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now