Why are Encrypted Passwords not Rehashed During a Domain Upgrade? Should this be an Enhancement?
(Doc ID 1531376.1)
Last updated on AUGUST 31, 2020
Applies to:Oracle WebLogic Server - Version 10.3.4 and later
Information in this document applies to any platform.
When a domain is upgraded, passwords for external LDAP providers, JDBC connection pools, keystores, truststores, and so on, are not changed. This includes upgrades which include a change to the default encryption algorithm (for example, when DES was replaced by AES). Why is there not a separate module which can re-encrypt such passwords automatically, and why is the upgrade utility incapable of doing this by itself?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document