I am trying to enable SSL on WebLogic 12cR2 using a wildcard certificate. The certificate was signed by a trusted CA (I changed the domain name for this post) and the DNS infrastructure resolves the host names to the actual IPs.
Even though I have configured managed server to use the wildcard verfier (SSLWLSWildcardHostnameVerifier) using the the Admin Service GUI (and it is reflected in the config.xml), and on the command line when starting the managed server, the managed server does not seem to be using it, and declares that the verficiation failed because:
Certificate contained *.test.example.com but check expected moos-wls-1.test.example.com
I see in the startup output, that it is not using the wildcard verifier:
Using the default WebLogic SSL Hostname Verifier implementation
HTTPS access to the Web interfaces for both the Admin Server and the managed server work fine.
Is there some more I need to do to use a wildcard certificate?
Same scenario and same problem. I was able to fix it by adding this to the setDomainEnv.cmd script:
On the next startup of the managed server the output changed from
Using the default WebLogic SSL Hostname Verifier implementation to
Using the configured custom SSL Hostname Verifier implementation: weblogic.security.utils.SSLWLSWildcardHostnameVerifier.
Before the change I had this problem as well:
<BEA-141151> <The Administration Server could not be reached at https://xxx:9501.>
<BEA-150018> <This server is being started in Managed Server independence mode in the absence of the Administration Server.>
I hope this will help someone, most topics and official support notes I have found on this just talk about disabling the hostname verification.
Dinner will be steamed monkey heads with a side of tiny ads.
Devious Experiments for a Truly Passive Greenhouse!