====== OpenSSL Certificate Generation ======

==== Configuration for Weblogic ====

**Create a keystore with the self-signed private key**\\
For the purposes of this document we will have no truck with Verisign or Thawte for signing our keys.

mkdir\\
cd\\
keytool -genkey -v -alias -keyalg rsa -keysize 1024 -dname "CN=,OU=IT,O=,L=,S=,C=US" -validity 7000 -keypass -keystore .jks -storepass

=== Setting Up the Weblogic Console ===

  - Log into the Weblogic console as "system".
  - In the left-hand tree view select "Servers" and then the appropriate server.
  - In the right-hand detail view, select the "General" tab.
  - Check "SSL Listen Port Enabled" and specify a port.
  - Select the "Keystores & SSL" tab.

You will need the following fields to set up Weblogic in the Weblogic console:

  *
  *
  *
  *
  *

== Keystore ==

  - Select the "Change" link to specify custom values.
  - For "Specify Keystore Trust" select "Custom Identity and Standard Java Trust".
  - Select "Continue".
  - Enter / for "Custom Identity Key Store File Name".
  - Enter "JKS" for "Custom Identity Key Store Type".
  - Enter for "Custom Identity Key Store Pass Phrase".

== Trust ==

  - For the Standard Java Trust, make sure that the password is blank.
  - Point to $JAVA_HOME/jre/lib/security for the location of the "cacerts" file.

== SSL Configuration ==

  - Enter for "Private Key Alias".
  - Enter for "PassPhrase".

Save\\
Restart the Weblogic Server

==== Configuration for Apache2 ====

cd /etc/apache2/conf/ssl\\
**# generate server key.**\\
openssl genrsa -des3 -rand /dev/urandom -out ./server.key 1024

**# remove password for server key**\\
openssl rsa -in ./server.key -out ./server.pem

**# generate CSR**\\
openssl req -new -key server.key -out server.csr

**# Self Sign the certificate**\\
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt

Add the unencrypted key //server.pem// and the certificate //server.crt// to your web server configuration.
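
An added example, not part of the original page: a shell script that repeats the Apache2 steps non-interactively and then checks the pair before it is installed (certificate matches the key, RSA size meets a minimum, certificate not expired). The function names, the subject ''/CN=www.example.test'' and the 2048-bit minimum are assumptions, and the key is generated without a passphrase rather than created with ''-des3'' and stripped afterwards.

```shell
#!/bin/sh
# Added example (not from the original page). Function names, the subject
# and the 2048-bit minimum are assumptions chosen for illustration.

# make_pair DIR BITS: key, CSR and self-signed certificate, as in the steps above
# but without the passphrase round trip.
make_pair() {
    openssl genrsa -out "$1/server.pem" "$2" 2>/dev/null &&
    openssl req -new -key "$1/server.pem" -subj "/CN=www.example.test" \
        -out "$1/server.csr" 2>/dev/null &&
    openssl x509 -req -days 3650 -in "$1/server.csr" \
        -signkey "$1/server.pem" -out "$1/server.crt" 2>/dev/null
}

# Public key (PEM) derived from the private key and from the certificate.
key_pub()  { openssl pkey -in "$1" -pubout 2>/dev/null; }
cert_pub() { openssl x509 -in "$1" -noout -pubkey 2>/dev/null; }

# RSA modulus size recorded in the certificate, in bits.
cert_bits() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# check_pair KEY CERT MIN_BITS
# Returns 0 if usable, 1 mismatch, 2 key too small, 3 expired, 4 unreadable.
check_pair() {
    kpub=$(key_pub "$1") && cpub=$(cert_pub "$2") && [ -n "$kpub" ] ||
        { echo "cannot read key or certificate"; return 4; }
    [ "$kpub" = "$cpub" ] || { echo "certificate does not match key"; return 1; }
    bits=$(cert_bits "$2")
    [ "${bits:-0}" -ge "$3" ] ||
        { echo "RSA key too small: ${bits:-?} bits"; return 2; }
    openssl x509 -in "$2" -noout -checkend 0 >/dev/null ||
        { echo "certificate expired"; return 3; }
    echo "ok: $bits-bit key matches certificate"
}

# Demo on a throwaway directory.
work=$(mktemp -d)
make_pair "$work" 2048 && check_pair "$work/server.pem" "$work/server.crt" 2048
rm -rf "$work"
```

Called with a minimum of 2048, ''check_pair'' returns 2 for a 1024-bit key such as the one generated in the steps above.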