The
title of this blog may seem a bit cryptic…. In this article I’d like
explain some basics of the the SSL implementation in WebLogic. This blog
is meant for people who are not familiar with SSL, especially in
combination with WebLogic. In my experience, SSL is usually a bit of a
black box for many junior and medior administrators who work with
middleware, so I will try to clarify some of it in special relation to
WebLogic. To understand this, there are also some generic parts to
discuss. SSL is a technique to secure a point-to-point socket
connection, in the so-called transport layer which will be secured. It
provides secure connections for interfaces or (web) applications to
connect and authenticate each other’s identity, and by encrypting the
data traffic between those interfaces or application back ends.
Authentication allows a server, and sometimes optionally, a client to
verify the identity of the application on the other end of a network
connection. SSL uses the public key encryption technology for this. With
public key encryption, a public key and a private key can be generated
for a back-end server. This key is used to encrypt data before sending.
After the client has recieved the key, it can decrypt it using that same
key. So data encrypted with the public key can only be decrypted using
the corresponding private key and vice versa. It’s is like sending a
locked safe with some transportcompany along with a note which contains
the unlock combination. The public key is embedded in a digital
certificate with additional information about the initiator of the key.
This information may consist of name, street address, email address,
company information and some geographic information. A private key and a
digital certificate provide an identity for the server. The data
embedded in a digital certificate is verified by a certificate authority
and digitally signed with the certificate authority’s digital
certificate. Well-known certificate authorities include Verisign and
Entrust.net. The trusted certificate authority (CA) certificate
establishes trust for a certificate. Below is an overview of a “happy
SSL flow”:SSLflow
Read more at: http://www.qualogy.com/encrypt-decrypt-way-weblogic-ssl/
For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.
