6.2.3 Enable two-way SSL

This topic explains systematic instructions to enable two-way SSL.

  1. Perform one-way SSL configuration steps as per the topic Enable one-way SSL.
  2. Generate a new trust store trust.jks for the Weblogic server.
    Keystore created for one-way SSL can be used, but it is recommended to create a separate truststore for two-way SSL.
  3. Export the user certificate from the Oracle HTTP Server wallet, and import it into the newly created truststore.
  4. In the Settings for AdminServer screen, set the Keystore details under the Keystore tab.

    For more information, refer to the fields description table.

    Figure 6-14 Settings for Admin server - Keystore trust


    Description of Figure 6-14 follows
    Description of "Figure 6-14 Settings for Admin server - Keystore trust"

    Table 6-2 Keystore - Field Description

    Field Description
    Custom Trust Keystore Specify the trust.jks file location.
    Custom Trust Keystore Type Specify the Keystore type as JKS.
    Custom Trust Keystore Passphrase Specify the passphrase used to create the Keystore.
    Confirm Custom Trust Keystore Passphrase Confirm the passphrase used to create the Keystore.
  5. Under the SSL tab, ensure Trusted Certificate Authorities field is set as from Custom Trust Keystore.

    Figure 6-15 Settings for Admin server - SSL tab


    Description of Figure 6-15 follows
    Description of "Figure 6-15 Settings for Admin server - SSL tab"

  6. Restart the Weblogic Server.

Parent topic: SSL Configuration between Oracle HTTP Server and Oracle Weblogic Server