e hënë Sht 24, 2012

Wildcard SSL certificate support in Weblogic

Weblogic by default doesnt validate ssl certificates with wildcard entries. i.e. with cn = *.example.com . The impact of this is any ssl handshake which involves these kind of certificates are by default rejected.

A clean resolution for this is to use custom hostname verifier and point the same to use the class

weblogic.security.utils.SSLWLSWildcardHostnameVerifier

To make this change,

  1. Launch WLS console
  2. Click on Environment -> Servers on your left
  3. Select Admin Server
  4. Then go to SSL tab
  5. Lock & Edit
  6. Scroll down and expand advanced section
  7. Here change Hostname verification entry to Custom Hostname Verifier
  8. Below in Custom Hostname verifier enter "weblogic.security.utils.SSLWLSWildcardHostnameVerifier"
  9. Restart weblogic



About

bocadmin_ww

Search

Categories
Archives
« shtator 2012 »
DieHënMarMërEnjPreSht
      
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
25
26
27
28
29
30
      
Today