Technical data

13 Installing and Configuring the Netscape Enterprise Server Plug-In (NSAPI)

13-10 Administration Guide

The WebLogic Server proxy plug-in does not use the transport protocol (http or

https) specified in the HTTP request (usually by the browser) to determine whether

or not the SSL protocol will be used to protect the connection between the Netscape

Enterprise Server Plug-In and WebLogic Server.

Note: You cannot configure a 2-way SSL between the Netscape Enterprise Server

and WebLogic Server. The SSL protocol is a point-to-point connection,

cyptographically sealed end-to-end. Therefore, any type of proxy or firewall

cannot see into the SSL socket. The Netscape Enterprise Server acts as the

server end-point in the SSL connection. The configuration is:

client-->2-way SSL-->NSAPI<--1-way SSL<--WebLogic Server

The Netscape Enterprise Server cannot use the digital certificate from the first

SSL connection in the second SSL connection because it cannot use the

client’s private key.

Configuring SSL

To use the SSL protocol between Netscape Enterprise Server Plug-In and WebLogic

Server:

1. Configure WebLogic Server for SSL. For more information, see “Configuring the

SSL Protocol” on page 14-46.

2. Configure the WebLogic Server SSL listen port. For more information, see

“Configuring the Listen Port” on page 8-5.

3. Set the

WebLogicPort parameter in the Service directive in the obj.conf file

to the listen port configured in step 2.

4. Set the

SecureProxy parameter in the Service directive in the obj.conf file

file to

ON.

5. Set additional parameters in the

Service directive in the obj.conf file that

define information about the SSL connection. For a complete list of parameters,

see “SSL Parameters for Web Server Plug-Ins” on page -13.