Certificate import steps:
1. Download the latest certificate of the invoking application URL from the browser and saved it. It will have a .cer DER/Binary file.
Steps to get the certificate opening the URL in Chrome:
Click on Lock symbol→Certificate(Valid)→go to Details Tab→Copy to file→Next→select DER encoded binary x.509(.CER)→Next→browse and select the folder where to save it with a apt name→Finish
Showing with the google's certificate:
2. Now convert it to .crt (PEM file). Click here CertificateConvert to
1. Download the latest certificate of the invoking application URL from the browser and saved it. It will have a .cer DER/Binary file.
Steps to get the certificate opening the URL in Chrome:
Click on Lock symbol→Certificate(Valid)→go to Details Tab→Copy to file→Next→select DER encoded binary x.509(.CER)→Next→browse and select the folder where to save it with a apt name→Finish
Showing with the google's certificate:
2. Now convert it to .crt (PEM file). Click here CertificateConvert to
DER/Binary⇾Standard PEM
3. Get the cert in .crt format and place the file in weblogic server home/server/lib path
for e.g→ /app/Oracle/Middleware/Oracle_Home/wlserver/server/lib
4. Grant all the permissions
chmod 777 certficateOne.crt
5. Take the keystore backup as below:
cp CustomSOAKeysTrust.jks CustomSOAKeysTrust.jks_BK05092019
6. Import certtificate in custom
trust. Highlighted name need to be changed.
/usr/java8_64/bin/keytool -import -alias AliasCertName -trustcacerts -file yourCert.crt
-keystore CustomSOAKeysTrust.jks -storepass CUSTOMPASSWORD
Note: /usr/java8_64/bin/ This is java bin path. provide the java bin path if it is not set.
7. List the certs to check if your cert is imported correctly.
/usr/java8_64/bin/keytool -list -keystore
CustomSOAKeysTrust.jks -storepass CUSTOMPASSWORD
8. Do the
same steps for server 2 (if it is clustered).
9. Restart the affected servers only one by one.
No comments:
Post a Comment