3 Replies Latest reply on Mar 22, 2013 1:28 PM by 997468

    How to configure SSL certificates on weblogic 10.3.5?

      Hi everybody,

      i' ve got 2 certificates: Server and Intermediate CA. I used java keytool command to import these two certificates into new keystore:

      keytool -import -v -alias server_cert -file certificate.pem -keystore keystore.jks

      keytool -import -v -alias intermediate_ca -file intermediate.pem -keystore keystore.jks

      Then as weblogic 10.3.5 documentation says i need to use ImportPrivateKey utility in order to import private key into keystore, so i use this command:

      java utils.ImportPrivateKey -keystore private.jks -storepass password -keyfile mykey -keyfilepass password -keyfile private.pem -alias private

      and get the following error:

      Exception in thread "main" java.lang.NoClassDefFoundError: utils.ImportPrivateKey
      at gnu.java.lang.MainThread.run(libgcj.so.7rh)
      Caused by: java.lang.ClassNotFoundException: utils.ImportPrivateKey not found in gnu.gcj.runtime.SystemClassLoader{urls=[file:./], parent=gnu.gcj.runtime.ExtensionClassLoader{urls=[], parent=null}}
      at java.net.URLClassLoader.findClass(libgcj.so.7rh)
      at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
      at java.lang.ClassLoader.loadClass(libgcj.so.7rh)
      at gnu.java.lang.MainThread.run(libgcj.so.7rh)

      Any ideas? Thanks.

      Karolis M.
        • 1. Re: How to configure SSL certificates on weblogic 10.3.5?

          Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.

          look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore

          I suggest that you change the default configuration (not using the demo one),

          then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :

          opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts

          once your certificated is added to your trust store it should work.

          I hope it will help.
          • 2. Re: How to configure SSL certificates on weblogic 10.3.5?
            You didn't answer to my guestion. I asked how can i import a private key, not certificate.

            As weblogic 10.3.5 documentation says:
            "While you can use the keytool utility to generate new key pairs and digital certificates and add them to a keystore, the utility does not allow you to take an existing private key from a file and import it into the keystore. Instead, use the WebLogic ImportPrivateKey utility."

            Anyone any ideas? Need a working solution very badly..

            Karolis M.
            • 3. Re: How to configure SSL certificates on weblogic 10.3.5?

              Your error message says "*Exception in thread "main" java.lang.NoClassDefFoundError: utils.ImportPrivateKey*" which can only happen if you have not set your domain environment before executing java utils.ImportPrivateKey command.

              set domain environment first by executing setDomainEnv.sh or setDomainEnv.cmd (for Windows) from path *$DOMAIN_HOME/bin*.