免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 16504 | 回复: 0

[WebLogic] 使用wlst配置密钥库和SSL [复制链接]

论坛徽章:
3
CU大牛徽章
日期:2013-03-13 15:29:07CU大牛徽章
日期:2013-03-13 15:29:49CU大牛徽章
日期:2013-03-13 15:30:19
发表于 2015-07-01 14:23 |显示全部楼层
本帖最后由 Ajax0816 于 2015-07-01 14:24 编辑

我在使用wlst进行配置密钥库和SSL时,总是跟我手工配置的,所生成的config.xml不一样,console看着倒是没啥差别,麻烦大神帮我看下是什么问题?还有就是配置密码时CustomIdentityKeyStorePassPhrase,总是不识别,不知道为什么?
版本weblogic1213
下面是我的脚本
cd('/')
create('ManagedServer8002', 'Server')
cd('Server/ManagedServer8002')
set('ListenPort', 8002)
set('ListenAddress', '10.11.0.87')
set("KeyStores", 'CustomIdentityAndCustomTrust')
set("CustomIdentityKeyStoreType", 'JKS')
set("CustomTrustKeyStoreType", 'JKS')
#set("CustomIdentityKeyStorePassPhrase", "password")
set("CustomTrustKeyStoreFileName", '/home/ca/serverstore')
set("CustomIdentityKeyStoreFileName", '/home/ca/serverstore')

create('ManagedServer8002','SSL')
cd('SSL/ManagedServer8002')
set("HostnameVerificationIgnored", 'true')
set("TwoWaySSLEnabled", 'false')
set("ClientCertificateEnforced", 'false')
set("ServerPrivateKeyAlias", 'server')
#set("ServerPrivateKeyPassPhrase", 'password')
运行后,configx.xml如下
<server>
    <name>ManagedServer8002</name>
    <ssl>
      <name>ManagedServer8002</name>
      <hostname-verifier>None</hostname-verifier>
      <hostname-verification-ignored>true</hostname-verification-ignored>
      <listen-port>7002</listen-port>
      <server-private-key-alias>server</server-private-key-alias>
    </ssl>
    <listen-port>8002</listen-port>
    <listen-address>10.11.0.87</listen-address>
    <key-stores>CustomIdentityAndCustomTrust</key-stores>
    <custom-identity-key-store-file-name>/home/ca/serverstore</custom-identity-key-store-file-name>
    <custom-identity-key-store-type>JKS</custom-identity-key-store-type>
    <custom-trust-key-store-file-name>/homeca/serverstore</custom-trust-key-store-file-name>
    <custom-trust-key-store-type>JKS</custom-trust-key-store-type>
  </server>
我想要达到的效果,config.xml(手工操作时生成的)
<server>
    <name>ManagedServer8002</name>
    <ssl>
      <hostname-verifier xsi:nil="true"></hostname-verifier>
      <hostname-verification-ignored>true</hostname-verification-ignored>
      <client-certificate-enforced>false</client-certificate-enforced>
      <two-way-ssl-enabled>false</two-way-ssl-enabled>

      <server-private-key-alias>server</server-private-key-alias>
      <server-private-key-pass-phrase-encrypted>{AES}KwY1tQFzeDsOzzhJlfrmrYGJbbigL+5hPFLv2ptZnsI=</server-private-key-pass-phrase-encrypted>
    </ssl>
    <listen-port>8002</listen-port>
    <listen-address>10.11.0.87</listen-address>
    <key-stores>CustomIdentityAndCustomTrust</key-stores>
    <custom-identity-key-store-file-name>/home/ca/serverstore</custom-identity-key-store-file-name>
    <custom-identity-key-store-type>JKS</custom-identity-key-store-type>
    <custom-identity-key-store-pass-phrase-encrypted>{AES}KBwCOEK+ewQDfno5e+Z0sRH/zRuqYspliHbPN6cp5oM=</custom-identity-key-store-pass-phrase-encrypted>
    <custom-trust-key-store-file-name>/home/ca/serverstore</custom-trust-key-store-file-name>
    <custom-trust-key-store-type>JKS</custom-trust-key-store-type>
  </server>
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP