SSL JNDI Client 2 way SSL with Weblogic

This is a Simple demonstration of doing a JNDI lookup using 2 Way SSL client.

Step-1). Create Self Signed Certificate using Open SSL

openssl genrsa 1024 > host.key

openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > host.der

set WLS Environment and convert the der file to pem using the following command line

java utils.der2pem host.der

Step-2). Configure WLS for two way SSL.

Enable SSL on the Server.

Then got to

AdminServer > Configuration > SSL

Click Advanced and Set

Hostname Verification: NONE
Two Way Client Cert Behavior: Client Certs Requested But Not Enforced
Import the certificate into the truststore of WLS

C:beabea1032wlserver_10.3serverlib>keytool -v -import -file host.crt -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase

Owner: CN=myhost, C=IN, ST=MH, L=Pune, EMAILADDRESS=test@MyOrganization, OU=Oracle, O=MyOrganization

Issuer: CN=myhost, C=IN, ST=MH, L=Pune, EMAILADDRESS=test@MyOrganization, OU=Oracle, O=MyOrganization
Serial number: c289a1692a6e8890
Valid from: Wed Jun 09 11:47:27 IST 2010 until: Thu Jun 09 11:47:27 IST 2011
Certificate fingerprints:
MD5: E1:A2:90:AA:D4:12:2E:C2:9E:94:15:81:65:40:47:EB
SHA1: 04:CA:6C:90:B9:3F:EE:DF:8A:81:AB:9F:73:C3:10:FE:95:D4:A8:71
Signature algorithm name: SHA1withRSA
Version: 1
Trust this certificate? [no]:
Certificate was not added to keystore
Restart Server

Step-3). Compile SSLJNDIClient and run it with the following command line

java -Dweblogic.security.TrustKeyStore=DemoTrust -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dssl.debug=true SSLJNDIClient

“SSLJNDIClient.java”
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import weblogic.jndi.Environment;
import weblogic.security.PEMInputStream;
import java.io.InputStream;
import java.io.FileInputStream;

public class SSLJNDIClient
{
public static void main(String[] args) throws Exception
{
Context context = null;
try {
Environment env = new Environment();
env.setProviderUrl(“t3s://localhost:7002?);
env.setSecurityPrincipal(“weblogic”);
env.setSecurityCredentials(“weblogic123?);
InputStream key = new FileInputStream(“host.key”);
InputStream cert = new FileInputStream(“host.pem”);
key = new PEMInputStream(key);
cert = new PEMInputStream(cert);
env.setSSLClientCertificate(new InputStream[] { key, cert});
env.setInitialContextFactory(Environment.DEFAULT_INITIAL_CONTEXT_FACTORY);
context = env.getInitialContext();
context.bind(“name”,new String(“hello”));
}
finally {
if (context != null) context.close();
}
}
}

Check the JNDI for the Object Bound