BEA-090171 Loading the identity certificate and private key stored under the alias client ....
BEA-090169 Loading trusted certificates from the JKS file store
This flag is useful to trace: -Dweblogic.security.SSL.verbose=true -Djavax.net.debug=all
Check also the "ssl" element in config.xml:
<ssl>
<use-java>true</use-java>
<enabled>true</enabled>
<ciphersuite>TLS_RSA_WITH_AES_256_CBC_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_RC4_128_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_3DES_EDE_CBC_SHA</ciphersuite>
<hostname-verifier>com.pierre.HostNameVerifier</hostname-verifier>
<hostname-verification-ignored>false</hostname-verification-ignored>
<export-key-lifespan>500</export-key-lifespan>
<client-certificate-enforced>true</client-certificate-enforced>
<listen-port>33641</listen-port>
<two-way-ssl-enabled>true</two-way-ssl-enabled>
<server-private-key-alias>some.certificate.alias</server-private-key-alias>
<server-private-key-pass-phrase-encrypted>{AES}blablabla=</server-private-key-pass-phrase-encrypted>
<ssl-rejection-logging-enabled>true</ssl-rejection-logging-enabled>
<inbound-certificate-validation>BuiltinSSLValidationAndCertPathValidators</inbound-certificate-validation>
<outbound-certificate-validation>BuiltinSSLValidationOnly</outbound-certificate-validation>
<jsse-enabled>true</jsse-enabled>
</ssl>
SSLMBean.ServerPrivateKeyAlias https://docs.oracle.com/cd/E13222_01/wls/docs100/schemaref/security/http.www.bea.com.ns.weblogic.920.domain/types/ssltype.server-private-key-alias.html
No comments:
Post a Comment