java security encryption weblogic

Encrypt clear strings using weblogic.security.encrypt utility for different multiple WebLogic instances


I'm trying to encrypt some plain cleartext strings using the weblogic.security.encrypt utility, but I'm not sure whether we can use the same encrypted password for a different domain or on a different WebLogic instance (present on a different server).

The situation I have is that I'm generating the encrypted passwords by running the utility from Domain1/bin on the WL instance on Server1. The encrypted passwords are used to replace the cleartext passwords in the project, and then I build the project, so the encrypted passwords are included in the EAR file. When that EAR file gets deployed/run under the same domain and on the same WebLogic server, they get decrypted before usage. BUT what if I deploy this same EAR file to another domain or another WebLogic instance on a different server? Will the passwords get decrypted?

Any help or advice will be hugely appreciated!!

Thanks


Solution

  • The correct answer is no. Every time a WebLogic server builds a domain, it creates a new security file (SerializedSystemIni.dat). This is the key file used for decryption. Should the correct file not be used for encryption, the decryption will fail (trust me, I know!).

    So the short answer is, it will not.

    The other way to go about this is to make an encrypted password, with the encryption done by your key file, and store the password in a properties file. Do standard Java encryption and have all the files (including the key file) be included in your EAR file. This way the password can be viewed but will be encrypted, but your application passes clear text that no one can see.

    Java is very flexible and lets you do almost anything, and WebLogic is cool with that. The latter option is the recommended one.
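A pre-deployment check for the situation in the question, as an added example that is not part of the original question or answer: it counts domain-encrypted values in a properties file and compares the key files of the source and target domains. It assumes the key file sits at `security/SerializedSystemIni.dat` under each domain directory and that encrypted values carry a `{AES}`, `{AES256}` or `{3DES}` prefix; the function names and the fixture contents are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. Assumed layout: <DOMAIN_HOME>/security/SerializedSystemIni.dat
KEY_REL="security/SerializedSystemIni.dat"

# Exit 0 if both domains hold a byte-identical key file, 1 if they differ,
# 2 if either file is missing or unreadable (cmp's own exit codes).
same_domain_key() {
  cmp -s "$1/$KEY_REL" "$2/$KEY_REL"
}

# Print how many property values look like domain-encrypted strings.
# Assumed prefixes: {AES}, {AES256}, {3DES}.
count_encrypted() {
  grep -Ec '=[[:space:]]*\{(AES|AES256|3DES)\}' "$1" || true
}

# usage: check_portable SRC_DOMAIN DST_DOMAIN PROPS_FILE
# Returns 0 when the file is safe to ship to DST_DOMAIN, non-zero otherwise.
check_portable() {
  local n rc=0
  [ -r "$3" ] || { echo "ERROR: cannot read $3"; return 2; }
  n=$(count_encrypted "$3")
  [ "$n" -gt 0 ] || { echo "OK: no domain-encrypted values in $3"; return 0; }
  same_domain_key "$1" "$2" || rc=$?
  case $rc in
    0) echo "OK: $n encrypted value(s), key files are identical" ;;
    1) echo "FAIL: $n encrypted value(s) will not decrypt in $2" ;;
    *) echo "ERROR: key file missing or unreadable" ;;
  esac
  return "$rc"
}

# Constructed sample data: two domains with different stand-in key files
# and one properties file holding a single made-up encrypted value.
make_fixture() {
  local d
  d=$(mktemp -d)
  mkdir -p "$d/Domain1/security" "$d/Domain2/security"
  printf 'constructed-key-material-1' > "$d/Domain1/$KEY_REL"
  printf 'constructed-key-material-2' > "$d/Domain2/$KEY_REL"
  printf 'db.user=app\ndb.password={AES}Y29uc3RydWN0ZWQ=\n' > "$d/app.properties"
  echo "$d"
}
```

Run `check_portable /path/to/Domain1 /path/to/Domain2 app.properties` in the build pipeline before packaging the EAR; a non-zero exit means the values must be re-encrypted in the target domain.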