There might be situation while working in a Middleware team where Oracle WebLogic environment setup is done by someone else, or you don’t know the password, but you have the server access.
If you are in such situation and need to know the password, then the following would be handy to decode it.
Decrypting WebLogic Console Password
This assumes you had server access and logged in with the respective UNIX account.
Go to Oracle bin directory (oracle_home/common/bin)E
Execute the wlst.sh
./wlst.sh
You will get WLST prompt in offline mode, invoke the following command
wls:/offline> domain = "/opt/apps/user_projects/domains/domain_name"
Note: change the domain path if necessary
wls:/offline> service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain)
wls:/offline> encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service)
wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eM8jwYITiZs01kawSeliV59aFog1jE=")
weblogic123
wls:/offline>
Note: encrypted code starting with AES you can find in a boot.properties file.
As you can see the password is decoded – weblogic123
Decrypting WebLogic Java Keystore Password
If you are not sure what the password is for your WebLogic Java keystore, then you can use the following wlst method to decode it.
Invoke wlst.sh from Oracle home>>bin directory and execute the below commands
wls:/offline> domain = "/opt/apps/user_projects/domains/domain_name"
Note: Change the domain path if necessary
wls:/offline> service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain)
wls:/offline> encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service)
wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eM8jwYITiZs01kawSeliV59aFog1jE=")
weblogic123
wls:/offline>
Note: encrypted string starting with AES, you can find in config.xml
You may face the following issue while decrypting.
wls:/offline> print encryption.decrypt("{AES}yM9zSPu4d57o83Hi3yromUP3Vzu+FUTpHMwl1U90kMM=")
Traceback (innermost last):
File "<console>", line 1, in ?
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException
If you are encountering the above error, then you got to remove the forward symbol at the end.
From
wls:/offline> print encryption.decrypt("{AES}yM9zSPu4d57o83Hi3yromUP3Vzu+FUTpHMwl1U90kMM=")
To
wls:/offline> print encryption.decrypt("{AES}yM9zSPu4d57o83Hi3yromUP3Vzu+FUTpHMwl1U90kMM=")
I hope the above quick instructions help you in decrypting password for WebLogic Console and Java keystore.
Interested in learning Oracle WebLogic administration? Check out this online course.
Article by Yagnam Amarender Reddy
