SSL (t3s) connection to Weblogic AdminServer – WLST (example)

Leave a Comment / By /
  • Given the AdminServer (weblogic)
  • We would like to connect to AdminServer using t3s (secure) protocol.
  • We can make the SSL connection by using any of the following truststores:
    • JavaStandardTrust (default truststore for SSL communication)
    • DemoTrust
    • CustomTrust
  • We will use default truststore to make SSL (t3s) connection to AdminServer.
  • To Initiate the SSL connection, the JavaStandardTrust should have public certificate(s) of AdminServer.
  • So, If public certificate(s) of AdminServer is not there in JavaStandardTrust, then
    • Export the public certificate(s) of AdminServer after following the LINK
    • Suppose, we have saved the public certificate as MyServerCertificate.cer
    • Now, we need to import the public certificate to JavaStandardTrust store
      • JavaStandardTrust path for windows would be %JAVA_HOME%\jre\lib\security\cacerts and for Linux it would be $JAVA_HOME\jre\lib\security\cacerts
      • Now, import the certificate to windows JavaStandardTrust using keytool (similarly, we can import the certificate in linux truststore).
keytool -import -alias "<Any Unique Alias Name>" -keystore <path of JavaStandardTrust>  -file "<path of public certificate>
 
keytool -import -alias "AnyAliasName" -keystore "%JAVA_HOME%\jre\lib\security\cacerts"  -trustcacerts -file "MyServerCertificate.cer"

After, we have imported the certificate to JavaStandardTrust store, we can make a  secure SSL connection to AdminServer using t3s protocol.

#Ignore hostname verification
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true")
 
#Make t3s connection with AdminServer, t3s://:
adminURL = "t3s://slc07fic.us.oracle.com:7002"
connect("weblogic","welcome2", adminURL)

Output: SSL connection to weblogic admin server using t3s protcol:

c:\fmw_12.2.1.3.0\wls12213\oracle_common\common\bin>java -Dweblogic.security.SSL.ignoreHostnameVerification=true weblogic.WLST
 
Initializing WebLogic Scripting Tool (WLST) ...
 
Welcome to WebLogic Server Administration Scripting Shell
 
Type help() for help on available commands
 
wls:/offline> adminURL = "t3s://myAdminServerHost:7002"
wls:/offline>
wls:/offline> connect("weblogic","welcome2", adminURL)
Connecting to t3s://myAdminServerHost:7002 with userid weblogic ...
     
     
     
Successfully connected to Admin Server "AdminServer" that belongs to domain "osb_domain".
 
wls:/osb_domain/serverConfig/>

You may also like:

Check whether particular application is deployed in AdminServer (WLST)

List deployed applications in weblogic Admin Server (WLST/example)

Get targets of deployed application in weblogic admin server (WLST)

WLST – List server status in weblogic domain (python script/example)

Install/deploy application to weblogic admin server – WLST (script/example)

Script: get running/active servers in weblogic (wlst/python)

Get jvm heap params of remote server in weblogic domain (WLST)