run
java weblogic.WLST
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
import weblogic.security.internal.SerializedSystemIni
import weblogic.security.internal.encryption.ClearOrEncryptedService
es=weblogic.security.internal.SerializedSystemIni.getEncryptionService(".")
ces=weblogic.security.internal.encryption.ClearOrEncryptedService(es)
ces.decrypt("{AES}9P7z/8D7ccvDWhBmqa0NEhR1b65BlFuBeVQ3WpwJHTI=")
'weblogic'
ces.decrypt("{AES}Tlxc7yoE4BGQS2k5XBsMX/Kx4XgEBAcPqzXH7PP5zSI=")
'weblogic22'
the 2 strings used as parameters to decrypt should be copied from boot.properties file
very appreciated courtesy of Simon Vans-Colina
You could receive this exception:
weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.
In this case, I have no clue.
An alternative approach could be this:
http://weblogictips.wordpress.com/wls-security/
just replacing the LDIF file with a brand new one
To encrypt a paassword:
dom
cd bin
. ./setDomainEnv.sh
java weblogic.security.Encrypt
Password: (enter password here)
{AES}aRC9klq8c5CljKpshacfrsc7WFNB49mfQG+MtuCDgFg=
you can now use the AES password in all weblogic files.
3 comments:
Thank you for this post. I could recover all the passwords for my domain.
Keep up the good work.
Good One.
I tried teh same for {3DES} format but it gives me error. Any idea why?
my good friend Chris wrote something about 3DES here
http://datalinks.nl/wordpress/?p=16
Post a Comment