SSL Certificate for WebLogic CA Singed


 SSL Certificate for WebLogic

CA Singed Cert:

Create a key store database:

[root@localhost]# /opt/java/bin/keytool -genkey -alias lac -keystore key_weblogic.jks -storetype jks -keypass changeit -storepass changeit

What is your first and last name?

 [Unknown]: www.vijayarathinam.com

What is the name of your organizational unit?

 [Unknown]: IT

What is the name of your organization?

 [Unknown]: ITO

What is the name of your City or Locality?

 [Unknown]: Chennai

What is the name of your State or Province?

 [Unknown]: TN

What is the two-letter country code for this unit?

 [Unknown]: IN

Is CN=www.vijayarathinam.com, OU=IT, O=ITO, L=Bengaluru, ST=KA, C=IN correct?

 [no]: yes

 

To create a Certificate Signing Request:

[root@localhost]# /opt/java/bin/keytool -certreq -alias vijay -keystore key_weblogic.jks -file lac_certreq.csr

Enter keystore password: 

[root@localhost]# ls vijay_certreq.csr

lac_certreq.csr

[root@localhost]


Email this to your third party CA:

Once you get a reply back from the CA, you need to use this below command and import them to your key store. 


Import a root or intermediate CA certificate to an existing Java keystore

keytool -import -trustcacerts -alias root -file vijayroot.crt -keystore key_weblogic.jks


Import a signed primary certificate to an existing Java keystore

keytool -import -trustcacerts -alias lac -file vijay.crt -keystore key_weblogic.jks


Overall Information on the keytool:

CSR -> Certificate signing request.

CRT -> Certificate.


To view a keystore file which you have created:

[root@localhost utils]# /opt/java/bin/keytool -list -v -keystore key_weblogic.jks 

Enter keystore password: 

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 1 entry

Alias name: vijay

Creation date: Oct 11, 2024

Entry type: PrivateKeyEntry

Certificate chain length: 1

Certificate[1]:

Owner: CN=www.vijayarathinam.com, OU=IT, O=ITO, L=Bengaluru, ST=KA, C=IN

Issuer: CN=www.vijayarathinam.com, OU=IT, O=ITO, L=Bengaluru, ST=KA, C=IN

Serial number: 54396f7a

Valid from: Sat Oct 11 23:27:14 IST 2024 until: Fri Jan 09 23:27:14 IST 2025

Certificate fingerprints:

 MD5: D4:B7:DC:1A:61:B5:F6:C4:D4:1A:0D:23:55:58:F1:E2

 SHA1: F4:2E:47:07:97:0F:41:A4:CE:E9:2B:73:3A:2A:1D:4B:46:F7:A1:5B

 Signature algorithm name: SHA1withDSA

 Version: 3

*******************************************

*******************************************



Deleting a key from the key store (use the alias name):

/opt/java/bin/keytool -delete -alias vijay -keystore key_weblogic.jks 


Exporting a Public Certificate from a keystore:

/opt/java/bin/keytool -export -alias vijay -file vijay.crt -keystore key_weblogic.jks


Changing the keystore password:

/opt/java/bin/keytool -storepasswd -new new_storepass -keystore key_weblogic.jks


Working with Trust store:

List Trusted CA Certs

/opt/java/bin/keytool -list -keystore /opt/Oracle/Middleware/Oracle_Home/wlserver/server/lib/cacerts


Import New CA into Trusted Certs

keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore /opt/Oracle/Middleware/wlserver_12/server/lib/cacerts




Comments

Post a Comment

Popular posts from this blog

 Completed Installation Steps for WAS Version 9 IM Installation: unzip agent.installer.lnx.gtk.x86_64_1.8.5.zip ./installc -acceptLicense -sVP -installationDirectory /opt/IBM/InstallationManager/eclipse Verify the Installation Mnager version /opt/IBM/InstallationManager/eclipse/tools/imcl -version List the Available Package for WASND & SDK8: /opt/IBM/InstallationManager/eclipse/tools/imcl listAvailablePackages -repositories /mnt/package/WAS/repository.xml /opt/IBM/InstallationManager/eclipse/tools/imcl listAvailablePackages -repositories /mnt/package/SDK9/repository.xml Install WASND9 along with SDK8: Note: With out SDK installation will not be performed. ./imcl install com.ibm.websphere.ND.v90_9.0.0.20160526_1854 com.ibm.java.jdk.v8_8.0.3000.20160623_1418 -repositories /opt/IBM/package/WASND9/,/opt/IBM/package/WASSDK/  -installationDirectory /opt/IBM/WebSphere/AppServer -sVP -sharedResourcesDirectory /opt/IBM/IMShared/ -installFixes recommended -acceptLicense -showProgress DMGR Pr
Read more

SSL certificate in WebSphere Application Server

  Here are the step-by-step instructions for renewing an SSL certificate in WebSphere Application Server: 1. Generate a Certificate Signing Request (CSR): * Locate your existing private key and note its location. * Open a command prompt or terminal and navigate to the WebSphere Application Server installation directory. * Run the following command to generate a new CSR: php Copy code keytool -certreq -keyalg RSA -alias < alias_name > -file < csr_file_path > -keystore < keystore_file_path > Replace <alias_name> with the alias of the private key entry, <csr_file_path> with the path where you want to save the CSR file, and <keystore_file_path> with the path to your keystore file. 2. Submit the CSR to a Certificate Authority (CA): * Go to your chosen CA's website or portal and navigate to the certificate renewal section. * Follow the CA's instructions for submitting a CSR and complete any required validation steps. * Submit the CSR fil
Read more

Tomcat Upgrade Steps on Windows.

  Tomcat  Upgrade Steps on Windows. 1, Stop the older version of  Tomcat  service 2, Disable the service 3. Install the new  tomcat  version 4, backup the root webapps index file 5, copy the applications folder to webapps 6, compare the server.xml from older to new and then update the server.xml file in  tomcat  lates version 7, Add factory setting for password encryption in  tomcat  server.xml 8, copy the lib jar files to new  tomcat  lib 9, Edit the  tomcat  properties, JVM, JAVA Class path, JAVA Options, Initial memory pool, Maximum memory pool and local system account 10, Make it automatic and start the new  tomcat  service 11, Make sure application is woking after application team validation 12, uninstall the older version of  tomcat  and make sure you don't delete the folders. Note : These are the steps to be coordinated with application team, and make sure application compatible with the upgraded version during the planning phase. 
Read more