Is it possible to disable ssl certificate download in Weblogic server
Question
It's for personal test. I use weblogic server 12.2.1. I enabled ssl, I can access to my server by https with my web browser, when I do it, it proposes me to donwload the server certificate, all it's ok.
But I want to disable this donwload of certificate, and access to the server only by installing manualy the certificate in my web browser. Is it possible to disable this download function in Weblogic ?
1 answers
solution1
1 2020-07-17 06:12:18
Let's get one thing clear, there is no setting in browser that allows user to not to download SSL cert from server and instead provide them directly to browser. And there is not setting in any server that allows user to invoke it's api without providing SSL cert from server to client/browser. Main purpose of SSL/TLS handshake between client/browser and server is to check if the cert of server is valid, makes sure that the server is who it says it is and transfer server's public key to client/browser.
It is a security breach to allow a user to tamper the cert and provide it manually instead of downloading from the server, then there would be no point of green label in the top left of the browser.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.