Self Signed certificate in Weblogic Server using Keytool

Self signed certificates are used by developers to validate the https configuration and testing.  Below given are the steps to configure and test self signed certificate

  • Navigate to the JRE/bin path and execute the keytool.exe to verify if that is installed properly
  • Create the directory csr    –      mkdir csr
  • Execute the keytool command to generate the identity.jks

keytool -genkey -alias testCert -keyalg RSA -keypass privatepassword -keystore identity.jks -storepass password -validity 365

  • Enter the information asked for Organization, State, City and Country
  •   export the certificate from identity keystore into root.cer

keytool -export -alias testCert -file root.cer -keystore identity.jks  -storepass password

  •   export the certificate from identity keystore

keytool -import -alias mykey -file root.cer -keystore trust.jks -storepass password

  •  Enter the password- password (mentioned above)
keystore identity password
keystore identity password
  •  Log into the Web Logic Server
  •   Click on Server -> Admin Server
  •  Click on Key Store tab
  • Click on the CHANGE button to modify the key store settings
  • Select the custom Identity and Custom Trust from the available option for the key stores
Custom Identity and Custom Trust Keystore
Custom Identity and Custom Trust Keystore
  •  Copy the generated Identity.jks and keystore.jsk files on the server path so that they can be selected as given below.
  •  Modify the port for SSL in the General tab with 4443 (default)
Custom Identity and Custom Trust Keystore in Web logic Server
Custom Identity and Custom Trust Keystore in Web logic Server
  • Click on Save and  activate the changes