- Given the AdminServer (weblogic)
- We would like to connect to AdminServer using t3s (secure) protocol.
- We can make the SSL connection by using any of the following truststores:
- JavaStandardTrust (default truststore for SSL communication)
- DemoTrust
- CustomTrust
- We will use default truststore to make SSL (t3s) connection to AdminServer.
- To Initiate the SSL connection, the JavaStandardTrust should have public certificate(s) of AdminServer.
- So, If public certificate(s) of AdminServer is not there in JavaStandardTrust, then
- Export the public certificate(s) of AdminServer after following the LINK
- Suppose, we have saved the public certificate as MyServerCertificate.cer
- Now, we need to import the public certificate to JavaStandardTrust store
- JavaStandardTrust path for windows would be %JAVA_HOME%\jre\lib\security\cacerts and for Linux it would be $JAVA_HOME\jre\lib\security\cacerts
- Now, import the certificate to windows JavaStandardTrust using keytool (similarly, we can import the certificate in linux truststore).
keytool -import -alias "<Any Unique Alias Name>" -keystore <path of JavaStandardTrust> -file "<path of public certificate> keytool -import -alias "AnyAliasName" -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -trustcacerts -file "MyServerCertificate.cer"
After, we have imported the certificate to JavaStandardTrust store, we can make a secure SSL connection to AdminServer using t3s protocol.
#Ignore hostname verification System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true") #Make t3s connection with AdminServer, t3s://: adminURL = "t3s://slc07fic.us.oracle.com:7002" connect("weblogic","welcome2", adminURL)
Output: SSL connection to weblogic admin server using t3s protcol:
c:\fmw_12.2.1.3.0\wls12213\oracle_common\common\bin>java -Dweblogic.security.SSL.ignoreHostnameVerification=true weblogic.WLST Initializing WebLogic Scripting Tool (WLST) ... Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands wls:/offline> adminURL = "t3s://myAdminServerHost:7002" wls:/offline> wls:/offline> connect("weblogic","welcome2", adminURL) Connecting to t3s://myAdminServerHost:7002 with userid weblogic ... Successfully connected to Admin Server "AdminServer" that belongs to domain "osb_domain". wls:/osb_domain/serverConfig/>