Search this blog ...

Saturday, April 13, 2013

Recover / Decrypt Weblogic password from

When installing a Weblogic domain in development mode, the Configuration wizard will generate a boot identity file for the administration server containing the encrypted username and password of the initial administrative user. These credentials are then automatically leveraged when starting the admin server and avoid the need for the weblogic administrator to manually supply these. It is also possible to utilize a boot identify file ( in production domains.    See the following link for more information:

Recovering/decrypting a credential value from the boot identity file is reasonably straightforward should you have shell and executable access to the Weblogic installation.

First, obtain the DOMAIN_HOME value …

ps auxwww | grep Name=AdminServer | tr " " "\n" | grep "domain.home"


Next, source the file …

export DOMAIN_HOME=/u01/app/oracle/product/Middleware/user_projects/domains/base_domain

source $DOMAIN_HOME/bin/

Extract the encrypted username and password credential from the boot identify file ...

USR=`grep username $DOMAIN_HOME/servers/AdminServer/security/ | sed -e "s/^username=\(.*\)/\1/"`

PW=`grep password $DOMAIN_HOME/servers/AdminServer/security/ | sed -e "s/^password=\(.*\)/\1/"`

Sample values …

mshannon@slc05elc% echo $USR

mshannon@slc05elc% echo $PW

Create the small java Decrypt program and invoke it supplying the DOMAIN_HOME and encrypted value requiring decryption …

cat > /tmp/ <<EOF
public class Decrypt {
  public static void main(String[] args) {
    System.out.println("Decrypted value: " + new[0])).

$JAVA_HOME/bin/javac -d /tmp /tmp/

$JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$USR"

$JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$PW"

Sample output … 

mshannon@slc05elc% $JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$USR"
Decrypted value: weblogic

mshannon@slc05elc% $JAVA_HOME/bin/java -cp /tmp:$CLASSPATH Decrypt "$DOMAIN_HOME" "$PW"
Decrypted value: welcome1


  1. If you receive an error from similar to the following:

    Exception in thread "Main Thread"
    at Decrypt.main(

    Try the following alternative to extracting the username and password.

    USR=`grep username $DOMAIN_HOME/servers/AdminServer/security/ | sed -e "s/^username=\(.*\)[\]=$/\1=/"`
    PW=`grep password $DOMAIN_HOME/servers/AdminServer/security/ | sed -e "s/^password=\(.*\)[\]=$/\1=/"`

    It seems around they added an extra backslash to circumvent this solution. After the above, this worked flawlessly. Also, as an alternative, if you set the nodemanager weblogic password the same during the initial setup, you can find another hashed copy of the password in the config.xml file:

    PW=`grep node-manager-password-encrypted $DOMAIN_HOME/config/config.xml | sed -e "s/\(.*\)<\/node-manager-password-encrypted>/\1/"`