Weblogic Certificate Renewal for existing or new certs with commands

Below are commands to renew an existing or create a new certificate request.

Weblogic Cert Commands:
1 - List the keys:
keytool -list -v -keystore identity.jks -storepass password

2 - Generate a new Key Pair & Java Keystore:

keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048

OR

2 - Generate CSR for existing Java Keystore:

keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr

3 - Import the cert once received from CA:

keytool -import -keystore xxxxx.jks -alias xxxxx -keypass weblogic -storepass weblogic -file xxxx.cer

Once done You need to configure same alias name in the managed server SSL setting.

PS: We need to enable JSSE in weblogic for SHA2 certs. Prior to 12.1.1 version.

Leave a Reply