Oracle Weblogic Server (MOSC)

MOSC Banner

weblogic.security.CustomTrustKeyStorePassPhrase password appears in ear file with plain text.

edited Nov 12, 2013 7:22AM in Oracle Weblogic Server (MOSC) 3 commentsAnswered
Hi All,

I was looking at the Test page for one of my Weblogic apps and I noticed that under the System Properties section it lists the contents of this value:

weblogic.security.CustomTrustKeyStorePassPhrase=

the passphrase should be encrypted before it appears in the webpage when we access but it doesn't happen and passwords appears in plain text. 

Typically, WLS will encrypt the password inside several WLS Config files( when I look at the server configuration I see everywhere the passphrase is encrypted but not sure where this plain text password defined. 

Someone suggested me: 
This property should be in security file: ${DOMAIN_HOME}/servers/<serverName>/security/boot.properties .

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center