基于JSSE实现SSL 支持于WebLogic Server 11g

网络安全日益被客户看重，最近很多的客户要求把他们的系统迁移到JSSE的SSL实现上,因为他们需要对系统进行更强的加密要求.

对于使用 WebLogic Server 10.3.2 之前的客户,你需要升级Weblogic Server到最新的11g， 如WLS10.3.6.

因为针对这些版本我们没有办法来支持JSSE SSL的实现.

To enable JSSE in weblogic server 10.3.3 and later, you can add a property to JAVA_OPTIONS as described below:

-Dweblogic.security.SSL.enableJSSE=true (WLS 10.3.3)
http://docs.oracle.com/cd/E14571_01/web.1111/e13707/ssl.htm#BABIJEJD

-Dweblogic.ssl.JSSEEnabled=true (WLS 10.3.4 and later)
http://docs.oracle.com/cd/E21764_01/web.1111/e13707/ssl.htm#BABIJEJD

Additional Details here:
http://docs.oracle.com/cd/E14571_01/web.1111/e13707/ssl.htm#SECMG494

Please notice that as this is a new feature, there are several recommended patches for known issues:

For WebLogic Server 10.3.3:

SHA2 Certificate Throws Log Message "Ignoring The Trusted CA Certificate" (Doc ID

1538488.1)

For WebLogic Server 10.3.5 and 10.3.6 make sure you are using the latest PSU delivered:

e.g:

Oracle WebLogic Server Patch Set Update 10.3.5.0.7 Fixed Bugs List (Doc ID
1544306.1)

Oracle WebLogic Server Patch Set Update 10.3.6.0.9 Fixed Bugs List (Doc ID
1935048.1)