WebLogic12c with t3s (SSL) secure protocol and the JMX client by Jay SenSharma


clip_image002As part of this article we will see how to use the “t3s” SSL based secure protocol to interact with WebLogic 12.2.1. We will be developing a simple MBean client which will access sime of the MBeans present on weblogic over the SSL. We are going to implement One Way SSL for this demo. With one-way SSL, the server must present a certificate to the client, but the client is not required to present a certificate to the server. The client must authenticate the server, but the server accepts a connection from any client. One-way SSL is common on the Internet where customers want to create secure connections before they share personal data. Often, clients will also use SSL to log on in order that the server can authenticate them.

Secure Sockets Layer (SSL) provides secure connections by allowing two applications connecting over a network to authenticate each other’s identity and by encrypting the data exchaoged between the applications. Authentication allows a server and optionally a client to verify the identity of the application on the other end of a network connection. Encryption makes data transmitted over the network intelligible only to the intended recipient.

What this demo is about ?

As part of this demo we will see how to use implement One way SSL on weblogic so that a Client can interact with it using https/t3s in a secure manner.

1. How to configure the “CustomIdentityAndJavaStandardTrust” on weblogic, In a complete automated way using WLST scripting.

2. How to configure the SSL port on WebLogic 12.2.1 using WLST.

3. How to create Server side Keystore and Client side truststore.

4. Running a simple MBean Client which will use “t3s” protocol to access/query the MBeans which are present on WLS server.

5. Troubleshooting some very common issues which users might encounter while implementing SSL on WebLogic 12c.

Creating Keystores and Truststore.

Step-1). Lets create a simple keystore which will be deployed on the WLS side and then we will be exporting the public key from that which will be imported on the Client side truststore. In order to simplify the keystore and truststore creation and importing / exporting the certificates, We will be writing a very simple shell script. Please change the store password and keystore/truststore file name based on your choice.
Create a shell script “createKeyStore.sh” somewhere in your filesystem as following:

Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Technorati Tags: WebLogic,WebLogic Community,Oracle,OPN,Jürgen Kress


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.