SSL undertaking

Life has been great to me at work but my expectations never perished. Last week, I kicked off a project on porting our entire application (CMP) over SSL 3.0 as a requirement from some clients, one of them being Comcast. Company already supporting Weblogic 7 and 8, I thought that holding SSL on 8 first might be a smarter idea since BEA itself could give everyone a farewell party soon after launching version 10. After all, why should they endorse something which is more than 2 versions old?

Now here when it gets more interesting. Weblogic 6 supported flat files to support private keys/public certificate whereas WL 8 supported the concept of keystores only as flat files became deprecated. Always dependent on Google, I found an interesting viewlet which lists steps on how to configure Weblogic 8 over SSL. Tons of issues barricaded my progress due to which I had to open a support case with BEA customer service. At the end of the day, I found out that a trial SSL certificate supports a common keystore only and that this applies to a one-way server authentication simply. Cool - doc was so much up-to-date! Even before I fell into this, I was able to solve most of the Java exceptions thru forums. But what struck me into the head was that the support closed the case with a resolution which was totally absurd. They never accepted their mistake on thier documentation, one of the reasons being who has the time to update their site.

Finally, after having CMP ported to SSL - my next challenge was what if Comcast sticks to Weblogic 7? Now - you dont want to shoot your feet, would you? IT industry is already on version 9 and we start something new for them which is 2 versions old. Then I decided that there is no point me taking that decision and I must do my part. I followed the same steps using keystores on 7 which supports keystores as well as flat files and it blew up on me - Yuk. Page cannot be displayed: what do you mean?

Investigation continues...