Resolution
To generate a CSR for BEA Weblogic Server 5.0 follow the instructions below:
- Start WebLogic web server. Note Port 7001 for http and Port 7002 for https (SSL).
- Start the "Certificate Request Generator".
a. Start your web-browser.
b. Start the Certificate Generator: http://servername:port/Certificate - Fill in the fields for the Certificate Signing Request.
- Click "Generate Request" This process creates 3 files in the serverroot directory - the private key, and the certificate signing request in both binary and text formats.
- Copy the Certificate Signing Request and then request the certificate online. Be sure to include:
-----BEGIN NEW CERTIFICATE REQUEST-----
and -----END NEW CERTIFICATE REQUEST-----
These are the files created:
a. www_domainname_com-key.der - This is the private key file
b. www_domainname_com-request.dem - Certificate Request in Binary format
c. www_domainname_com-request.pem - Certificate Request in text format
Please make backups to removable disks.
To generate a CSR for BEA Weblogic Server 5.1 follow the instructions at: http://www.weblogic.com/docs51/classdocs/API_secure.html
To generate a CSR for BEA Weblogic Server 6.0 follow the instructions below:
- If your sever has 512-encryption strength you can upgrade to 1024-encryption strength by updating the license. Please contact you BEA Sales representative to verify your server is upgradeable and to obtain the necessary license files. You can contact BEA support at http://support.bea.com/index.jsp
- Once the server is upgraded, generate a new key request:
a. Open a browser and go to the certificate tool: http://[server]/certificate.
b. Follow the instructions to generate a key. Be sure to enter the correct company name.
c. Three files will be generated: two versions of the key request and a der file which is the key.
d. Launch the PKI tool and when prompted for the certificate text, use one of the key request files generated. Submit request string to Thawte.
To generate a CSR for BEA Weblogic Server 7.0 follow the instructions at the link below:
http://e-docs.bea.com/wls/docs70/secmanage/ssl.html#1167001
To generate a CSR for BEA Weblogic Server 8.1 follow the instructions at the link below:
http://e-docs.bea.com/wls/docs81/secmanage/ssl.html#1190032
To generate a CSR for BEA Weblogic Server on apache follow the instructions at the link below:
http://edocs.bea.com/wls/docs61/adminguide/apache.html#103803
To generate a CSR for BEA Weblogic Server on nt follow the instructions at the link below:
http://edocs.bea.com/wls/docs61/adminguide/isapi.html#104003
To generate a CSR for BEA Weblogic Server on iplanet follow the instructions at the link below:
http://edocs.bea.com/wls/docs61/adminguide/nsapi.html#104397
5BEA WebLogic Server security tips can be found at the following link:
http://edocs.bea.com/wls/docs61/adminguide/cnfgsec.html#1052257
NOTE: In the interest of better security and the enablement of greater trust, we have decided that 1024-bit keys will now be the minimum strength used in the issuance of Thawte digital certificates.
