weblogic.security.CustomTrustKeyStorePassPhrase password appears in ear file with plain text.
Hi All,
I was looking at the Test page for one of my Weblogic apps and I noticed that under the System Properties section it lists the contents of this value:
weblogic.security.CustomTrustKeyStorePassPhrase=
the passphrase should be encrypted before it appears in the webpage when we access but it doesn't happen and passwords appears in plain text.
Typically, WLS will encrypt the password inside several WLS Config files( when I look at the server configuration I see everywhere the passphrase is encrypted but not sure where this plain text password defined.
Someone suggested me:
This property should be in security file: ${DOMAIN_HOME}/servers/<serverName>/security/boot.properties .
0