Weblogic

3 Ways To Find Your Oracle Weblogic Version

There are at least 3 different ways to find the version of Oracle Weblogic Server that you are running:

  1. Using the registry.xml file located in your MW_HOME directory.
    • example: /u01/weblogic/Oracle/Middleware or E:\Oracle\Middleware
    • Look for a line similar to:
      <component name="WebLogic Server" version="10.3.4.0" InstallDir="/u01/weblogic/Oracle/Middleware/wlserver_10.3">
  2. Using the .product.properties file located in your WLS_HOME directory.
    • example: /u01/weblogic/Oracle/Middleware/wlserver_10.3 or E:\Oracle\Middleware\wlserver_10.3
    • Look for a line similar to:
      WLS_PRODUCT_VERSION=10.3.4.0
  3. Using the Oracle Weblogic Server Administration Console
    • Use the left hand menu to navigate to Environment -> Servers.  Then, click the [Monitoring] tab. You should see a screen similar to the one below:
      Oracle Weblogic Server Administration Console

Common Java KeyTool Commands

Java Keytool Commands for Creating and Importing

The commands below allow you to generate a new Java Keytool keystore file, create a CSR, and import certificates. Any root or intermediate certificates will need to be imported before importing the primary certificate for your domain.

  • Generate a Java keystore and key pair
    keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048
  • Generate a certificate signing request (CSR) for an existing Java keystore
    keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr
  • Import a root or intermediate CA certificate to an existing Java keystore
    keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks
  • Import a signed primary certificate to an existing Java keystore
    keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks
  • Generate a keystore and self-signed certificate
    keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048

Java Keytool Commands for Checking

Use these commands to check the information within a certificate or Java keystore.

  • Check a stand-alone certificate
    keytool -printcert -v -file mydomain.crt
  • Check which certificates are in a Java keystore
    keytool -list -v -keystore keystore.jks
  • Check a particular keystore entry using an alias
    keytool -list -v -keystore keystore.jks -alias mydomain

Other Java Keytool Commands

  • Delete a certificate from a Java Keytool keystore
    keytool -delete -alias mydomain -keystore keystore.jks
  • Change a Java keystore password
    keytool -storepasswd -new new_storepass -keystore keystore.jks
  • Export a certificate from a keystore
    keytool -export -alias mydomain -file mydomain.crt -keystore keystore.jks
  • List Trusted CA Certs
    keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
  • Import New CA into Trusted Certs
    keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts

EnterpriseOne Business Services (BSSV) Error: Security Token Failed To Validate

Every once in a while we get the following error on a system that interacts with EnterpriseOne using business services (BSSV).

Security token failed to validate. weblogic.xml.crypto.wss.SecurityTokenValidateResult@2eba8ea[status: false][msg UNT Error:Message Created time past the current time even accounting for set clock skew]

Fortunately, until today, this error was always received when using our test environment and we couldn’t get it to be consistent so it went unresolved. Well, today was the day it hit production. So, after a little research I was able to find the solution:

  1. Login to the Weblogic Serve Administration Console
  2. Click Environment
  3. Click Servers
  4. Click the server you want to work with
  5. Click the [Configuration] tab
  6. Click the [Server Start] tab
  7. Add the following to the Arguments textarea:

Oracle Weblogic Clock Skew