Can i use keystore, certificate files that are generated by keytool in weblogic.

Posted on 2006-05-23
Last Modified: 2013-12-10
Hi experts,

This is the question related to Weblogic & SSL.

I am using self-signed certificate generated by the keytool the tool provided by the java (j2sdk1.4.2_10). but to use self-signed certificate with weblogic, process of generating certifcate and keystore is somewhat different, that is we have to use weblogic utils tool.

Is there any way to use keystore and certifcate files that are generated by keytool in weblogic ?

Please give me reply ASAP

Thanks in advance.

Question by:krishnasaikarthik
    LVL 35

    Accepted Solution


    it is actually very simple to do it. First you have to use the CertGen utility to generate certificates and keys:

    java util.CertGen mypass myTestCert myTestKey

    The above command will create a private key identity (myTestKey) and a digital certificate (myTestCert). "mypass" is the password for the private key identity. You then need to use a certification from a certification authority. You can also use the one that comes with WebLogic server, named "CertGenCA.pem" which is in %ΒΕΑ_ΗΟΜΕ%\weblogic81\server\lib. In a production environment this certificate should be from a trusted CA liek Thwate or Verisign.

    Use the command

    type testcert.pem CertGenCA.pem >> newcerts.pem

    to add the certificates into a new one called "newcerts.pem" You now need to use the command:

    java utils.ImportPrivateKey myKeyStore mypasswd mykey mykeypass newcerts.pem testkey.pem

    in order to cerate a new keystore and load your private key into the file "testkey.pem".

    You can go to the console now and click on the server and then on the Keystore & SSL tab. Choose Custom Identity And Java Standard Trust (you will use the standard java mechanism with the "cacerts" file and in the next screen give the values you used when you created the keystore (myKeyStore, jks, mypasswd  (keystore's password)). The password for the standard java mechanism is "changeit".

    Now restart WebLogic server and you are set. Note that you can see your own certification loaded if you change the debug level to info (you can do this from the console, from the Logging tab. For a few more info you can have a look here:
    LVL 35

    Expert Comment


    > %ΒΕΑ_ΗΟΜΕ%

    should be


    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    -Xmx and -Xms are the two JVM options often used to tune JVM heap size.   Here are some common mistakes made when using them:   Assume BigApp is a java class file for the below examples. 1.         Missing m, M, g or G at the end …
    Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now