How to check for SSL POODLE / SSLv3 bug on WebLogic? How to fix

Details of the SSL POODLE bug can be found here. We can address it in the following ways:

1) Disable SSL 3.0 support in the client.
2) Disable SSL 3.0 support in the server.

We can start WebLogic Server with the following JVM option:

-Dweblogic.security.SSL.protocolVersion=TLS1

Ref :- Use specific SSL

Continue reading »

SSL Overview and troubleshooting tips

Continue reading »

Mutual Authentication with WebLogic Server

Mutual authentication is a process in which the server sends its certificate to the client (thin client / fat client) and the client validates the certificate; the server then requests a certificate from the client and validates it. In this example we have created a .pfx certificate which

Continue reading »

Converting certificate formats

Converting certificate from JKS to P12 format

keytool -importkeystore -srckeystore Fabrizio.jks -destkeystore Fabrizio.p12 -srcstoretype JKS -deststoretype PKCS12 -srcstorepass weblogic1 -deststorepass weblogic1 -srcalias {4d390f81-7f7a-4a0a-ae76-9a5ea5ba567f} -destalias {4d390f81-7f7a-4a0a-ae76-9a5ea5ba567f} -srckeypass weblogic1 -destkeypass weblogic1

Converting certificate from PFX to JKS format

java -classpath ./jetty-6.1.1.jar org.mortbay.jetty.security.PKCS12Import Fabrizio.pfx Fabrizio.jks

Converting certificate from P12 to PFX format

1.

Continue reading »

Certificate Management in WebSphere Application Server

Before trying to understand certificate management and the installation of certificates inside WebSphere Application Server, we should first understand why we need SSL communication and what the impact of not installing the certificates is. In the olden days, whenever we wanted to make any banking transaction (e.g. depositing the

Continue reading »

WebLogic SSL configuration with Custom Identity and Custom Trust

Enterprise applications have grown more complex and hold a great deal of sensitive and critical data online. Cyber security has become more important than ever for securing that data. Secure Sockets Layer plays a pivotal role in how sensitive data can be protected, accessed over

Continue reading »

Automation of OpenSSL CSR (Certificate Signing Request) creation

As part of my job routine I need to create CSRs for various new sites we maintain and mail them to the CA. Creation of a CSR is a two-step process: first we create a key, which is a simple one-line command, and then we create the CSR. For the second

Continue reading »

Configuring SSL on WebLogic Server – Custom Identity and Custom Trust

I have been getting a lot of requests for creating a very simple document for configuring SSL on WebLogic Server. It's a pretty straightforward configuration, but most people are not aware of it. WLS is by default configured with DemoIdentity and DemoTrust; we just need to enable SSL port

Continue reading »

SSL Configuration with JBoss server

The post below describes the steps to configure SSL for your JBoss server.

Steps:

1:- Create a self-signed certificate by using the keytool utility.

a: Create a private key – public key pair.

keytool -genkey -alias mykey -keypass password -keystore identity.jks -storepass password

b: Self-sign the certificate.

keytool

Continue reading »

Troubleshooting SSL issues

Signature verification failed because RSA key public exponent [3] is too small

RSA keys with Public Exponent result in faulty signature verification on WLS. Having such a low exponent is considered a security vulnerability; hence keys with low exponents are not supported by WLS. However, if we need to bypass this

Continue reading »