| 请安装以下步骤在BEA Weblogin 9.0上安装SSL证书:
A: 一旦您申请的SSL证书成功颁发,您会收到一个Email通知您取回证书,点击邮件中的取回证书链接,就可以得到您的证书。直接复制页面的显示的证书公钥文件,并用记事本另存为 mycert.crt 即可。 同时,您还需要下载中级根证书和交叉签名根证书,另存为:intermediate.cer 和 ca1_xs.cer,放到与 www.mydomain.com.crt 同一个目录即可。点击 这里 下载交叉签名根证书;如果你购买的是 OV超真SSL 系列证书,请点 这里 下载中级根证书;如果你购买的是 DV超快SSL 系列证书,请点 这里 下载中级根证书;如果你购买的是 EV超真SSL 系列证书,请点 这里 下载中级根证书。
B. 导入证书 Import the certificate
请使用以下命令导入交叉根证书到您的Keystore中:
Use the keytool command to import the root certificates as follows:
keytool -import -trustcacerts -alias root -file ca1_xs.cer -keystore [keystore_name]
请使用以下命令导入WoSign中级根证书到您的Keystore中:
Use the same process for the WoSign certificate using the keytool command:
keytool -import -trustcacerts -alias INTER -file intermediate.cer -keystore [keystore_name]
请使用以下命令导入您的证书到您的Keystore中,其中:
Use the same process for the site certificate using the keytool command, if you are using an alias then please include the alias command in the string:
keytool -import -trustcacerts -alias [keyEntry_name] -file mycert.crt -keystore [keystore_name]
C. 配置WebLogic Server Configure the Identity and Trust keystores for WebLogic Server
1. 展开Web服务器节点 Expand the Servers node.
2. 选择您需要配置的Web服务器名称 Select the name of the server for which you want to configure keystores.
3. 选中“Keystores and SSL tab”按钮设置此域名的Keystore信息 Select the button 'Keystores and SSL tab' to configure the keystore for the domain.
4. 缺省情况下,WebLogin有一个测试用的SSL证书用于测试,请点击右上面的“Change”链接,会显示可选的证书下拉菜单。 By default, WebLogic ships with demo certificates for testing purposes. Click the 'Change' link in the upper-right portion of the configuration items. This will display the drop-down list of options for configuration.
5. 选中 Choose 'Custom Identity and Java Standard Trust' from the list.
6. 指定以下Keystore信息 Specify the identity keystore information.
[Custom identity]
Keystore文件保存完整路径: Custom Identity key store file Name : c:\where\my\keystore\is\located\mykeystore.keystore (The fully qualified path to your keystore)
Keystore类型:Custom Identity key Store Type : jks (Generally, this attribute is jks)
Keystore管理密码(您在创建时设置的):Custom Identity key Store Pass Phrase : keystore_password (The password defined when creating the keystore)
确认Keystore管理密码(您在创建时设置的):Confirm Customer Identity key Store Pass Phrase : Keystore_password (The password defined when creating the keystore)
[Java Standard Trust]
Java标准Keystore管理密码:Java standard Trust Key Store Pass Phrase : changeit (unless your system admin changed it the password for the cacerts keystore is "changeit")
确认Java标准Keystore管理密码: Confirm Java Standard Trust Key Store Pass Phrase : changeit (unless your system admin changed it the password for the cacerts keystore is "changeit")
点击 Click 'continue'
查看SSL证书私钥设置信息 [Review SSL Private Key Settings]
私钥别名 Private key Alias : your_alias_name (the alias is the friendly name for your keyEntry (private key), if you do not remember it please run the following command on your keystore to confirm the alias: 如果您忘了私钥别名,请使用以下命令验证别名:
keytool -list -keystore [your_alias_name] -v 私钥密码 Passphrase : keyEntry_password (specify the keyEntry (private key) password. The password for the private key may differ from the one for the keystore)
确认私钥密码 Confirm Passphrase : keyEntry_password (specify the keyEntry (private key) password. The password for the private key may differ from the one for the keystore)
7. 点击 Click 'continue'
8. 点击 Click Finish.
9. 重启 Reboot WebLogic Server.
|
