Posted On: November 5, 2020

Decrypt your boot.properties file using the WebLogic Scripting Tool (wlst) on your JD Edwards EnterpriseOne WebLogic Server

Description

After setting up WebLogic and configuring your boot.properties files, WebLogic encrypts both the username and password that is being used to start AdminServer or your JD Edwards EnterpriseOne instances.  Now, you need the WebLogic username and/or password.  Perhaps, it was configured by a previous administrator and they did not document the password, or perhaps the wrong username or password were recorded.  Here is a description of how you can use the WebLogic Scripting Tool (wlst command) to decrypt the boot.properties file to retrieve the WebLogic username and/or password being used to start AdminServer or your E1 instances.

Resolution
  • Login to your WebLogic server (for Windows, open an administrative command prompt). Your boot.properties file should be located under a similar directory structure as “D:\Oracle\Middleware\Oracle_Home\user_projects\domains\base_domain\servers\Adminserver\security”.
  • Make note of the contents of your boot.properties file.  You will need to paste that information into the decrypt command below.
  • Change the directory to the wlst command location using the following command:
cd D:\Oracle\Middleware\Oracle_Home\oracle_common\common\bin <enter>

Run the wlst command:

For Unix, enter:

./wlst.sh  <enter>

For Windows, enter:

Wlst <enter>
  • Then enter the following commands, be sure to use the domain location for your installation.
domain = "D:\Oracle\Middleware\Oracle_Home\user_projects\domains\base_domain"   <enter>
service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain)   <enter>
encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service)   <enter>

(the following is all on one line)

print "Weblogic server password is: %s"    %encryption.decrypt("{AES}PxUFcjPgE5Wcki99zhQfGRa24n4paKBGGMWd4TjIjY\=")

Where AES}PxUFcjPgE5Wcki99zhQfGRa24n4paKBGGMWd4TjIjY\= is copied from the password entry of the boot.properties file.

If you receive this error, “weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException: com.rsa.jsafe.JSAFE_InputException: Invalid input”, remove the \ in the pasted encrypted string and rerun the last command.

Your results will display as:

WebLogic server password: YourPassword

You now know your WebLogic server password, please make note of this password in your password management system.  Press Ctrl – C to exit the wlst scripting tool.

Note: you can also enter the string for username from the boot.properties file if that is unknown.