The title of this blog may seem a bit cryptic. In this article I’d like to explain some basics of the SSL implementation in WebLogic. This blog is meant for people who are not familiar with SSL, especially in combination with WebLogic.
In my experience, SSL is usually a bit of a black box for many junior and mid-level administrators who work with middleware, so I will try to clarify some of it in special relation to WebLogic. To understand this, there are also some generic parts to discuss. SSL is a technique to secure a point-to-point socket connection at the so-called transport layer. It provides secure connections for interfaces or (web) applications, letting them authenticate each other’s identity and encrypting the data traffic between those interfaces or application back ends.
Authentication allows a server, and optionally a client, to verify the identity of the application on the other end of a network connection. SSL uses public key encryption technology for this. With public key encryption, a public key and a private key can be generated for a back-end server. This key is used to encrypt data before sending. After the client has received the key, it can decrypt it using that same key. So data encrypted with the public key can only be decrypted using the corresponding private key and vice versa.
It is like sending a locked safe with a transport company along with a note which contains the unlock combination. The public key is embedded in a digital certificate with additional information about the initiator of the key. This information may consist of name, street address, email address, company information and some geographic information. A private key and a digital certificate provide an identity for the server. The data embedded in a digital certificate is verified by a certificate authority and digitally signed with the certificate authority’s digital certificate.
Well-known certificate authorities include Verisign and Entrust.net. The trusted certificate authority (CA) certificate establishes trust for a certificate. Below is an overview of a “happy SSL flow”: