1
Upgrading WebLogic Server 6.x to Version 7.0
1-14
BEA WebLogic Server 7.0 Upgrade Guide
Using a CertAuthenticator that needs to be changed may result in access being denied
in WebLogic Server 7.0, but allowed in WebLogic Server 6.x. To change the
CertAuthenticator, have it return
NULL
for unrecognized certs, or for all certs, if certs
are only being used to make an SSL connection.
In WebLogic Server 7.0, X.509 Identity Assertion is turned off by default. If your
WebLogic Server 6.x
config.xml
file used a CertAuthenticator you need to manually
configure the X.509 identity assertion when using Compatibility security. You enable
X.509 identity assertion by configuring options on the Realm Adapter Authentication
provider. In the WebLogic Server Administration Console while running in
Compatibility security:
1. Click on the Security node.
2. Click on the Realms node.
3. Click on the CompatibilityRealm node.
4. Click on the Providers node.
5. Click on the Authentication Providers node.
6. Click on the RealmAdapterAuthenticator node.
The General tab appears.
7. Enter
X.509
in the Active Types box.
8. Click Apply to save your change.
9. Reboot the WebLogic Server.
Cipher Suites
If you have trouble with your Certicom cipher suite, see the information about issue
073360 in the
Release Notes
.