How to Switch from DES to AES when DES is used for password encryption in WebLogic (Doc ID 1326552.1)

Last updated on NOVEMBER 05, 2016

Applies to:

Oracle WebLogic Server - Version 10.3.4 and later
Information in this document applies to any platform.
***Checked for relevance on 31-Jul-2013***

Goal

When upgrading from older versions of WebLogic Server that used old security algorithms, it can be observed that encryption hashes are passed through without any change. In this case, in order to enhance security, it may be recommended to recreate related files to impose newest security algorithm available.

Is it possible to use Advanced Encryption Standard (AES) algorithm to encrypt WebLogic Server 10.3.x passwords in "config.xml" when encrypted values show a {3DES} header?

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms