Showing posts from October, 2012

Enabling SSL Termination for OAM and OAAM

Some components of the identity stack need to verify the user connected via SSL.

If you are proxying connections through OHS to your OAM servers you can set up OHS to terminate SSL and pass through the connection to OAM (usually running on port 14100). But there is a little trick that is needed to tell Weblogic that the connection is secure - even though it may be coming in over a non secure port (14100).

Chris Johnson has a comprehensive write up on SSL offloading which covers the more complex scenario where an external load balancer is doing the termination.

The recipe I describe here is for the simpler case where OHS is terminating SSL and forwarding the connections to OAM vi the mod_weblogic plugin.

First validate that your Weblogic domain has the Weblogic Plugin enabled (see Chris's article above). I found that it was enabled by default. YMMV.

Login to /oamconsole and navigate to

System Configuration -> Access Manager -> Access Manager Settings

Edit your load balancer …