Wildcard SSL certificate support in WebLogic

Posted by user10139630 on Oracle Blogs
Published on Mon, 24 Sep 2012 12:21:37 +0000 Indexed on 2012/09/24 15:44 UTC

By default, WebLogic does not validate SSL certificates with wildcard entries, i.e. certificates with CN = *.example.com. The impact is that any SSL handshake involving this kind of certificate is rejected by default.

A clean resolution is to use a custom hostname verifier and point it to the class

weblogic.security.utils.SSLWLSWildcardHostnameVerifier

To make this change:

  1. Launch the WLS console
  2. Click on Environment -> Servers on the left
  3. Select the Admin Server
  4. Go to the SSL tab
  5. Click Lock & Edit
  6. Scroll down and expand the Advanced section
  7. Change the Hostname Verification entry to Custom Hostname Verifier
  8. Below, in Custom Hostname Verifier, enter "weblogic.security.utils.SSLWLSWildcardHostnameVerifier"
  9. Restart WebLogic
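
Before switching verifiers, it helps to know which hostnames a wildcard CN such as *.example.com would actually cover. The following is an added example, not code from the original post or from WebLogic: it implements the common RFC 6125-style rule (wildcard only as the whole leftmost label, matching exactly one label) as an assumption, since the post does not describe the exact matching logic of SSLWLSWildcardHostnameVerifier. The function names and sample hostnames are constructed for illustration.

```python
import ipaddress


def _is_ip(name):
    """True if name is an IPv4/IPv6 literal; wildcards must never match these."""
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def wildcard_matches(pattern, hostname):
    """Match a certificate name against a hostname (assumed RFC 6125-style rule)."""
    pattern = pattern.strip().rstrip(".").lower()
    hostname = hostname.strip().rstrip(".").lower()
    if not pattern or not hostname:
        return False
    p, h = pattern.split("."), hostname.split(".")
    if not all(h):                      # empty label, e.g. ".example.com"
        return False
    if "*" not in pattern:              # plain name: exact, case-insensitive match
        return p == h
    # Wildcard must be the entire leftmost label, appear only once, and leave
    # at least two further labels so that "*.com" is never accepted.
    if p[0] != "*" or any("*" in label for label in p[1:]) or len(p) < 3:
        return False
    if _is_ip(hostname):
        return False
    # "*" stands for exactly one label: same label count, same suffix.
    return len(h) == len(p) and h[1:] == p[1:]


def coverage(pattern, hostnames):
    """Map each hostname to whether the certificate name would cover it."""
    return {name: wildcard_matches(pattern, name) for name in hostnames}


# Constructed sample hostnames, not taken from the original post.
SAMPLE_HOSTS = ["www.example.com", "example.com", "a.b.example.com",
                "WWW.Example.COM.", "www.example.org"]

if __name__ == "__main__":
    for name, ok in coverage("*.example.com", SAMPLE_HOSTS).items():
        print(f"{name:20} {'covered' if ok else 'NOT covered'}")
```

Hosts reported as not covered (the bare domain and multi-level subdomains) would still fail hostname verification under this rule and need their own certificate or SAN entry.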


