使用Tomcat作为weblogic客户端的两种方式的ssl [英] Two way ssl with Tomcat as client to weblogic

问题描述

我为我的一个项目设置了 Weblogic 9.2 的双向 SSL.当浏览器是客户端时，设置并不困难.

I have setup two-way SSL for Weblogic 9.2 for one of my project. The setup was not difficult at all when a browser is a client.

我现在需要将 tomcat 设置为客户端，而不是使用浏览器客户端.在这种情况下，Tomcat 将托管一个 JSP 页面或一个 servlet，并调用托管在 Weblogic 上的 Web 服务.我用谷歌搜索过，但没有找到很多关于这个设置的文档.任何想法 - 在这种情况下设置 HTTPS 连接器是否有效?

I need to setup tomcat as a client now instead using a browser client. In this scenario, Tomcat will host a JSP page or a servlet and call a web service hosted on Weblogic. I have Googled but have not found much documentation for this setup. Any idea - will setting the HTTPS connector work in this case?

谢谢

推荐答案

最后，我能够通过以下方式对其进行配置.

Finally I was able to configure it the following way.

为 Weblogic 服务器设置 SSL生成服务器私钥和证书

java utils.CertGen -selfsigned -certfile SelfCA.cer -keyfile SelfKey.key -keyfilepass password -cn "localhost"

创建身份密钥库

java utils.ImportPrivateKey -keystore IdentityStore.jks -storepass 密码 -keypass 密码 -alias trustself -certfile SelfCA.cer.pem -keyfile SelfKey.key.pem -keyfilepass 密码

将证书导入新的信任密钥库

Import certificate into the new trust keystore

keytool -import -trustcacerts -alias trustself -keystore truststore.jks -file SelfCA.cer.der -keyalg RSA

当提示输入密钥库密码"时，输入密钥密码"

When prompted for "Enter keystore password", enter "keypassword"

登录 WL 管理控制台(http://www.xyz.com:7001/console)(默认用户名=weblogic 和密码=weblogic).在我的示例中，我启动了Weblogic 示例服务器"

Log into WL administrative console (http://www.xyz.com:7001/console) (default username=weblogic and password=weblogic). In my example I started "Weblogic Example Server"

导航到服务器->示例服务器->密钥库.

Navigate to Server->Example Server->Keystore.

点击锁定和编辑"

输入以下信息

Keystore 下拉菜单:选择自定义身份和自定义信任"

Keystore dropdown menu: select "Custom Identity and Custom Trust"

自定义身份密钥库:[LOCATION]\IdentityStore.jks

Custom Identity Keystore: [LOCATION]\IdentityStore.jks

自定义身份密钥库类型:JKS

Custom Indentity Keystore Type: JKS

自定义身份密钥库密码:密码

Custom Identity Keystore Passphrase: password

自定义信任密钥库:[LOCATION]\truststore.jks

Custom Trust Keystore: [LOCATION]\truststore.jks

自定义信任密钥库类型:JKS

Custom Trust Keystore Type: JKS

自定义信任密钥库密码:keypassword`

Custom Trust Keystore Passphrase: keypassword`

导航到 SSL 选项卡.输入以下信息

Navigate to SSL tab. Enter the following information

身份和信任位置:密钥库

Identity and Trust Location: Keystores

私钥别名:trustself

Private Key Alias: trustself

私钥密码:密码

设置Tomcat客户端

为Tomcat生成证书

Generate a certificate for Tomcat

keytool -genkey -alias client -keyalg RSA -validity 3650 -keystore client.jks -storepass abcd1234 -keypass abcd1234

keytool -export -alias client -keystore client.jks -storepass abcd1234 -file client.cer

将证书导入上面创建的信任库

Import the certificate to truststore created above

keytool -import -trustcacerts -alias trustclient -keystore truststore.jks -file client.cer -keyalg RSA

在文本编辑器中打开 [TOMCAT-INSTALL-LOCATION]\bin\catalina.bat.在第 187 行之后添加以下条目

Open [TOMCAT-INSTALL-LOCATION]\bin\catalina.bat in a text editor. Add the following entries right after line 187

set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.trustStore=C:/certs2/truststore.jks -Djavax.net.ssl.trustStorePassword=keypassword -Djavax.net.ssl.keyAlias=trustcleint

set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.keyStore=C:/certs2/client.jks -Djavax.net.ssl.keyStorePassword=abcd1234

启动tomcat.

测试构建一个 Web 应用程序并在 Tomcat 中部署.从 Web 应用程序中的 JSP 页面调用部署在 WebLogic 中的 Web 服务 https://www.xyz.com:7002/jws_basic_simple/SimpleService 的 sayHello() 方法.

Testing Build an web application and deploy in Tomcat. From the JSP page in web application invoke sayHello() method of web service https://www.xyz.com:7002/jws_basic_simple/SimpleService deployed in WebLogic.

这篇关于使用Tomcat作为weblogic客户端的两种方式的ssl的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！