How to configure SSL on Nodemanager for 12c

In WebLogic Server 12.1.2, the Java version of Node Manager controls all WLS instances belonging to the same domain. This makes it possible to have a different Node Manager configuration for each domain.

You can follow the steps below to run one Node Manager per domain over SSL (custom identity and custom trust).

1) Start Node Manager from the following location (just to create a default nodemanager.properties file).

D:\Oracle\Middleware\wlserver_12.1\server\bin\startNodeManager.cmd

Stop the nodemanager.

2) Copy the nodemanager folder from this location to your domain folder.

D:\Oracle\Middleware\wlserver_12.1\common\nodemanager

3) Copy startNodeManager.cmd from the location below to your domain home folder.

D:\Oracle\Middleware\wlserver_12.1\server\bin\startNodeManager.cmd

4) Open the script and update the NodeManager home location in the script

set NODEMGR_HOME=D:/Oracle/Middleware/user_projects/domains/base_domain/nodemanager

5) Create the identity store for Node Manager in the nodemanager folder.

keytool -genkey -alias mykey -keyalg RSA -keysize 1024 -dname "CN=www.welogic-wonders.com, OU=Customer Support, O=BEA Systems Inc, L=Denver, ST=Colorado, C=US" -keypass mykeypass -keystore identity.jks -storepass mystorepass

keytool -selfcert -v -alias mykey -keypass mykeypass -keystore identity.jks -storepass mystorepass -storetype jks

You can create it anywhere, but then you will have to give the complete path in the nodemanager.properties file.

6) Add the following to the nodemanager.properties file

KeyStores=CustomIdentityAndCustomTrust
CustomIdentityAlias=mykey
CustomIdentityKeyStoreFileName=identity.jks
CustomIdentityKeyStorePassPhrase=mystorepass
CustomIdentityKeyStoreType=JKS
CustomIdentityPrivateKeyPassPhrase=mykeypass

7) Start your Node Manager from the domain folder at any available port you want.

D:\Oracle\Middleware\user_projects\domains\base_domain>startNodeManager.cmd localhost 6666

D:\Oracle\Middleware\user_projects\domains\base_domain>set CLASSPATH=.;D:\Oracle\Middleware\patch_wls1211\profiles\default\sys_manifest_classpath\weblogic_patch.jar;D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\lib\tools.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic_sp.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic.jar;D:\Oracle\Middleware\modules\features\weblogic.server.modules_12.1.1.0.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\webservices.jar;D:\Oracle\Middleware\modules\org.apache.ant_1.7.1/lib/ant-all.jar;D:\Oracle\Middleware\modules\net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar;

D:\Oracle\Middleware\user_projects\domains\base_domain>if not "" == "" set CLASSPATH=;.;D:\Oracle\Middleware\patch_wls1211\profiles\default\sys_manifest_classpath\weblogic_patch.jar;D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\lib\tools.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic_sp.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic.jar;D:\Oracle\Middleware\modules\features\weblogic.server.modules_12.1.1.0.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\webservices.jar;D:\Oracle\Middleware\modules\org.apache.ant_1.7.1/lib/ant-all.jar;D:\Oracle\Middleware\modules\net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar;

D:\Oracle\Middleware\user_projects\domains\base_domain>if not "" == "" set CLASSPATH=.;D:\Oracle\Middleware\patch_wls1211\profiles\default\sys_manifest_classpath\weblogic_patch.jar;D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\lib\tools.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic_sp.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic.jar;D:\Oracle\Middleware\modules\features\weblogic.server.modules_12.1.1.0.jar;D:\Oracle\Middleware\wlserver_12.1\server\lib\webservices.jar;D:\Oracle\Middleware\modules\org.apache.ant_1.7.1/lib/ant-all.jar;D:\Oracle\Middleware\modules\net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar;;

D:\Oracle\Middleware\user_projects\domains\base_domain>cd D:\Oracle\Middleware\user_projects\domains\base_domain\nodemanager

D:\Oracle\Middleware\user_projects\domains\base_domain\nodemanager>if not "6666" == "" if not "localhost" == "" goto runNMWithListenAddressAndPort

D:\Oracle\Middleware\user_projects\domains\base_domain\nodemanager>"D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\bin\java.exe" -jrockit -Xms128m -Xmx256m -Dbea.home=D:\Oracle\Middleware -Xverify:none -Djava.endorsed.dirs=D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10/jre/lib/endorsed;D:\Oracle\Middleware\wlserver_12.1/endorsed "-Djava.security.policy=D:\Oracle\Middleware\wlserver_12.1\server\lib\weblogic.policy" "-Dweblogic.nodemanager.javaHome=D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10" -DListenAddress="localhost" -DListenPort="6666" weblogic.NodeManager -v

Apr 23, 2015 8:30:50 PM weblogic.nodemanager.server.NMServerConfig initDomainsMap
INFO: Loading domains file: D:\Oracle\Middleware\wlserver_12.1\common\nodemanager\nodemanager.domains

Apr 23, 2015 8:30:50 PM weblogic.nodemanager.server.SSLConfig loadKeyStoreConfig
INFO: Loading identity key store: FileName=D:\Oracle\Middleware\user_projects\domains\base_domain\nodemanager\identity.jks, Type=JKS, PassPhraseUsed=true

Apr 23, 2015 8:30:50 PM weblogic.nodemanager.server.NMServer
INFO: Loaded node manager configuration properties from 'D:\Oracle\Middleware\user_projects\domains\base_domain\nodemanager\nodemanager.properties'
Node manager v10.3

Configuration settings:

NodeManagerHome=D:\Oracle\Middleware\wlserver_12.1\common\nodemanager
ListenAddress=localhost
ListenPort=6666
ListenBacklog=50
SecureListener=true
AuthenticationEnabled=true
NativeVersionEnabled=true
CrashRecoveryEnabled=false
JavaHome=D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10\jre
StartScriptEnabled=true
StopScriptEnabled=false
StartScriptName=startWebLogic.cmd
StopScriptName=
LogFile=D:\Oracle\Middleware\wlserver_12.1\common\nodemanager\nodemanager.log
LogLevel=INFO
LogLimit=0
LogCount=1
LogAppend=true
LogToStderr=true
LogFormatter=weblogic.nodemanager.server.LogFormatter
DomainsFile=D:\Oracle\Middleware\wlserver_12.1\common\nodemanager\nodemanager.domains
DomainsFileEnabled=true
StateCheckInterval=500
UseMACBroadcast=false
DomainRegistrationEnabled=false
DomainsDirRemoteSharingEnabled=false

Domain name mappings:


wl_server -> D:\Oracle\Middleware\wlserver_12.1\samples\domains\wl_server
base_domain -> D:\Oracle\Middleware\user_projects\domains\base_domain
medrec -> D:\Oracle\Middleware\wlserver_12.1\samples\domains\medrec

Apr 23, 2015 8:30:51 PM weblogic.nodemanager.server.SSLListener run
INFO: Secure socket listener started on port 6666, host localhost/127.0.0.1
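
The alias, key store file and passphrases in nodemanager.properties (step 6) have to match the values given to keytool (step 5), otherwise Node Manager cannot open the identity key. The Python check below is an added example, not part of the original post or of WebLogic: it compares the two and also flags an RSA key smaller than 2048 bits, such as the 1024-bit key in step 5. The sample inputs are constructed (placeholder passphrases are left in the properties on purpose) and the function names are hypothetical.

```python
import ntpath
import shlex
# Constructed sample inputs modelled on steps 5 and 6; not taken from a real host.
SAMPLE_KEYTOOL = ('keytool -genkey -alias mykey -keyalg RSA -keysize 1024 -keypass mykeypass '
                  '-dname "CN=nm.example.test, C=US" -keystore identity.jks -storepass mystorepass')
SAMPLE_PROPERTIES = """\
KeyStores=CustomIdentityAndCustomTrust
CustomIdentityAlias=mykey
CustomIdentityKeyStoreFileName=D:/Oracle/nm/identity.jks
CustomIdentityKeyStorePassPhrase=password
CustomIdentityKeyStoreType=JKS
CustomIdentityPrivateKeyPassPhrase=password
"""
# nodemanager.properties key -> keytool flag that must carry the same value
PAIRS = {"CustomIdentityAlias": "-alias", "CustomIdentityKeyStoreFileName": "-keystore",
         "CustomIdentityKeyStorePassPhrase": "-storepass",
         "CustomIdentityPrivateKeyPassPhrase": "-keypass"}

def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and # comments."""
    lines = (l.strip() for l in text.splitlines())
    return {k.strip(): v.strip() for k, _, v in
            (l.partition("=") for l in lines if "=" in l and not l.startswith("#"))}

def keytool_options(command):
    """Map each -flag to the value after it; flags without a value are skipped."""
    tok = shlex.split(command)
    return {f: v for f, v in zip(tok, tok[1:]) if f.startswith("-") and not v.startswith("-")}

def audit(props, opts):
    """Return a list of findings; passphrases are compared but never echoed."""
    findings = []
    if props.get("KeyStores") != "CustomIdentityAndCustomTrust":
        findings.append("KeyStores is not CustomIdentityAndCustomTrust")
    for prop, flag in PAIRS.items():
        have, want = props.get(prop, ""), opts.get(flag)
        if flag == "-keystore" and want:  # properties may hold the complete path
            have, want = ntpath.basename(have), ntpath.basename(want)
        if not have:
            findings.append(f"missing {prop}")
        elif want is not None and have != want:
            findings.append(f"{prop} does not match keytool {flag}")
    if props.get("SecureListener", "true").lower() != "true":
        findings.append("SecureListener is not true")
    if "-keysize" in opts and int(opts["-keysize"]) < 2048:
        findings.append("RSA key smaller than 2048 bits")
    return findings

if __name__ == "__main__":
    print(audit(parse_properties(SAMPLE_PROPERTIES), keytool_options(SAMPLE_KEYTOOL)))
```

An empty list means the two steps agree; run it against your own command line and properties file before step 7.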