Configuring Custom SSL for WebLogic server
Working on the Oracle Utilities project, where our Environment requirement is that Mobile runtimes will communicates with secure servers. So we need to make the WebLogic server SSL Enabled with Custom SSL certificates configuration.WLST keystore SSL for Admin Server, Managed Server |
Assumptions:
- WebLogic 12.2.1.3 domain configured
- Each WebLogic server SSL enabled already
- AdminServer up and running
Here in this example I am using CA provided certificates but to publish in this post giving dummy paths and file names. The prerequisites you must have the Custom Identity and Custom Trust store
#!/usr/bin/python # Author : Pavan Devarakonda # Save Script as : set_keystoreSSL.py # Initial drafted : 12/07/2018 #========================================== import re # Get location of the properties file. execfile('/opt/MWM/scripts/set_keystore.properties') def connectAdmin(): # Connect to the AdminServer. try: connect(admin_username, admin_password, admin_url) except: print 'Unable to connect to AdminServer' exit() def setKSnSSL4server(serverName, ksIdentityPath,ksIdentityPassword,ksTrustPath,ksTrustPassword,privateKeyAlias,keyPhrase): # Set keystore information. print "===============================" print "set keystore to "+serverName print "===============================" cd('/Servers/' + serverName) cmo.setKeyStores('CustomIdentityAndCustomTrust') cmo.setCustomIdentityKeyStoreFileName(ksIdentityPath) cmo.setCustomIdentityKeyStoreType('JKS') set('CustomIdentityKeyStorePassPhrase', ksIdentityPassword) cmo.setCustomTrustKeyStoreFileName(ksTrustPath) cmo.setCustomTrustKeyStoreType('JKS') set('CustomTrustKeyStorePassPhrase', ksTrustPassword) print "set SSL to "+serverName print "===============================" cd('/Servers/' + serverName + '/SSL/' + serverName) cmo.setServerPrivateKeyAlias(privateKeyAlias) set('ServerPrivateKeyPassPhrase', keyPhrase) def main(): connectAdmin() print servers edit() startEdit() print "=========================================================================" print "AdminServer, utilities_server1 server set keystore, SSL custom keystore" print "=========================================================================" setKSnSSL4server(adm['name'], adm['identity.path'], adm['identity.password'],adm['trust.path'],adm['trust.password'],adm['privateKeyAlias'],adm['keyPhrase']) setKSnSSL4server(ms1['name'], ms1['identity.path'], ms1['identity.password'],ms1['trust.path'],ms1['trust.password'],ms1['privateKeyAlias'],ms1['keyPhrase']) save() activate() disconnect() exit() main()This time the properties file is also python script to use the dictionary capabilities of Python to refer to the Weblogic server and its corresponding server'S keystore, SSL details to store together.
# AdminServer connection details. admin_username='system' admin_password='welcome1' admin_url='t3://test.server.com:7001' #Dictionaries for AdminServer, utilities_server1 keystore, SSL values adm = { 'name':'AdminServer','identity.path':'/opt/myalias_cert/myIdentity.jks', 'identity.password':'welcome1', \ 'trust.path':'/opt/myalias_cert/myTrustStore.jks', 'trust.password':'welcome1', \ 'keyPhrase':'welcome1', 'privateKeyAlias':'myalias'} ms1 = { 'name':'utilities_server1','identity.path':'/opt/myalias_cert/myIdentity.jks', 'identity.password':'welcome1', \ 'trust.path':'/opt/myalias_cert/myTrustStore.jks', 'trust.password':'welcome1', \ 'keyPhrase':'welcome1', 'privateKeyAlias':'myalias'}
The execution or the above script output looks as below: You can execute.