Developer Partner Community

  • March 30, 2016

WebLogic12c with t3s (SSL) secure protocol and the JMX client by Jay SenSharma

Juergen Kress
PaaS Partner Adoption

clip_image002As part of this article we will see how to use the “t3s” SSL based secure protocol to interact with WebLogic 12.2.1. We will be developing a simple MBean client which will access sime of the MBeans present on weblogic over the SSL. We are going to implement One Way SSL for this demo. With one-way SSL, the server must present a certificate to the client, but the client is not required to present a certificate to the server. The client must authenticate the server, but the server accepts a connection from any client. One-way SSL is common on the Internet where customers want to create secure connections before they share personal data. Often, clients will also use SSL to log on in order that the server can authenticate them.

Secure Sockets Layer (SSL) provides secure connections by allowing two applications connecting over a network to authenticate each other’s identity and by encrypting the data exchaoged between the applications. Authentication allows a server and optionally a client to verify the identity of the application on the other end of a network connection. Encryption makes data transmitted over the network intelligible only to the intended recipient.

What this demo is about ?

As part of this demo we will see how to use implement One way SSL on weblogic so that a Client can interact with it using https/t3s in a secure manner.

1. How to configure the “CustomIdentityAndJavaStandardTrust” on weblogic, In a complete automated way using WLST scripting.

2. How to configure the SSL port on WebLogic 12.2.1 using WLST.

3. How to create Server side Keystore and Client side truststore.

4. Running a simple MBean Client which will use “t3s” protocol to access/query the MBeans which are present on WLS server.

5. Troubleshooting some very common issues which users might encounter while implementing SSL on WebLogic 12c.

Creating Keystores and Truststore.

Step-1). Lets create a simple keystore which will be deployed on the WLS side and then we will be exporting the public key from that which will be imported on the Client side truststore. In order to simplify the keystore and truststore creation and importing / exporting the certificates, We will be writing a very simple shell script. Please change the store password and keystore/truststore file name based on your choice.
Create a shell script “createKeyStore.sh” somewhere in your filesystem as following:

Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Technorati Tags: WebLogic,WebLogic Community,Oracle,OPN,Jürgen Kress

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.