Wildcard SSL certificate support in WebLogic
Posted by user10139630 on Oracle Blogs
Published on Mon, 24 Sep 2012 12:21:37 +0000
By default, WebLogic doesn't validate SSL certificates with wildcard entries, i.e. with CN = *.example.com. The impact is that any SSL handshake involving this kind of certificate is rejected by default.
A clean resolution is to use a custom hostname verifier and point it to the class
weblogic.security.utils.SSLWLSWildcardHostnameVerifier
To make this change:
- Launch WLS console
- Click on Environment -> Servers on your left
- Select Admin Server
- Then go to SSL tab
- Lock & Edit
- Scroll down and expand the Advanced section
- Here, change the Hostname Verification entry to Custom Hostname Verifier
- Below, in Custom Hostname Verifier, enter
"weblogic.security.utils.SSLWLSWildcardHostnameVerifier"
- Restart WebLogic
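
To check which hostnames a wildcard certificate should cover before relying on the new verifier, the following added example (not from the original post and not WebLogic's own implementation) applies the common RFC 6125-style rule that `*` must be the whole left-most label and stands for exactly one label. The function names and the test hostnames are constructed for illustration.

```python
# Added illustration: RFC 6125-style wildcard matching, not WebLogic's code.

def _labels(name):
    """Lower-case a DNS name, drop one trailing dot, split into labels."""
    name = name.strip().lower()
    if name.endswith("."):
        name = name[:-1]
    return name.split(".")


def wildcard_match(pattern, hostname):
    """Return True if a certificate name (e.g. '*.example.com') covers hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if "" in p or "" in h:
        return False                      # empty label: malformed name
    if "*" not in pattern:
        return p == h                     # no wildcard: exact match only
    # The wildcard must be the entire left-most label and appear nowhere else.
    if p[0] != "*" or any("*" in label for label in p[1:]):
        return False
    # Require at least two labels after the '*', so '*.com' is refused.
    if len(p) < 3:
        return False
    # '*' stands for exactly one label: same label count, same suffix.
    return len(p) == len(h) and p[1:] == h[1:]


# Constructed test names; example.com is a placeholder domain.
CASES = [
    ("*.example.com", "app.example.com", True),
    ("*.example.com", "APP.Example.COM.", True),    # case and trailing dot
    ("*.example.com", "example.com", False),        # bare domain not covered
    ("*.example.com", "a.b.example.com", False),    # '*' spans one label only
    ("*.com", "example.com", False),                # too broad
    ("app.*.com", "app.example.com", False),        # '*' not left-most
    ("a*.example.com", "app.example.com", False),   # partial-label wildcard
    ("www.example.com", "www.example.com", True),
]


def run_cases():
    """Evaluate every constructed case and return (pattern, host, result)."""
    return [(pat, host, wildcard_match(pat, host)) for pat, host, _ in CASES]


if __name__ == "__main__":
    for pat, host, got in run_cases():
        print(f"{pat:18} {host:20} {'match' if got else 'reject'}")
```
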