Wildcard SSL certificate support in Weblogic

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by user10139630 on Oracle Blogs See other posts from Oracle Blogs or by user10139630
Published on Mon, 24 Sep 2012 12:21:37 +0000 Indexed on 2012/09/24 15:44 UTC
Read the original article Hit count: 659

Filed under:

Weblogic by default doesnt validate ssl certificates with wildcard entries. i.e. with cn = *.example.com . The impact of this is any ssl handshake which involves these kind of certificates are by default rejected.

A clean resolution for this is to use custom hostname verifier and point the same to use the class

weblogic.security.utils.SSLWLSWildcardHostnameVerifier

To make this change,

  1. Launch WLS console
  2. Click on Environment -> Servers on your left
  3. Select Admin Server
  4. Then go to SSL tab
  5. Lock & Edit
  6. Scroll down and expand advanced section
  7. Here change Hostname verification entry to Custom Hostname Verifier
  8. Below in Custom Hostname verifier enter "weblogic.security.utils.SSLWLSWildcardHostnameVerifier"
  9. Restart weblogic



© Oracle Blogs or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about /Oracle

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle