Administration Console Online Help
Domain
[Attributes and Console Screen Reference for Domains]
A domain is an inter-related set of WebLogic Server resources that are managed as a unit. A domain includes one or more WebLogic Servers, and may include one or more WebLogic Server clusters.
A domain is a self-contained administrative unit. If an application is deployed in a domain, components of that application cannot be deployed on servers that are not a part of that domain. When a cluster is configured in a domain, all of its servers must be a part of that domain as well.
For each domain, you can configure a subset of Weblogic Server resources that apply to all servers and clusters that reside in the domain. These attributes are configured in the Domain node of the Administration Console.
Tasks
Enabling the Domain-Wide Administration Port
WebLogic Server provides the option to enable an SSL administration port for use with all servers in the domain. The administration port is optional, but it provides two capabilities:
- It enables you to start a server in
STANDBY
state.
- It enables you to separate administration traffic from application traffic in your domain.
The administration port accepts only secure, SSL traffic, and all connections via the port require authentication by a server administrator. Because of these features, enabling the administration port imposes the following restrictions on your domain:
- The Administration Server and all Managed Servers in your domain must be configured with support for the SSL protocol.
- All servers in the domain, including the Administration Server, enable or disable the administration port at the same time.
- After enabling the administration port, you must establish an SSL connection to the Administration Server in order to start any Managed Server in the domain. This applies whether you start Managed Servers manually, at the command line, or using Node Manager.
- After enabling the administration port, all Administration Console traffic must connect via the administration port.
- If multiple server instances run on the same computer in a domain that uses a domain-wide administration port, you must either:
- Host the server instances on a multi-homed machine and assign each server instance a unique listen address, or
- Override the domain-wide port on all but one of one of the servers instances on the machine. Override the port using the Local Administration Port Override option on the Advanced Attributes portion of the Server->Configuration->General page in the Administration Console.
To enable the administration port for your domain:
- First ensure that all servers in the domain are properly configured to use SSL. See Configuring Two-Way SSL for more information.
- Select the name of the active domain in the left pane to display the domain's configuration attributes.
- Click the Configuration tab in the right pane.
- Click the General tab in the right pane.
- Select the Enable Domain Wide Administration Port attribute to enable the SSL administration port for this domain.
- In the Administration Port box, enter the SSL port number that server instances in the domain use as the administration port. You can override an individual server instance's administration port assignment on the Advanced Options portion of the Configuration->General tab for the server instance.
- Click Apply to apply your changes.
- Restart all server instances in the domain, including the Administration Server and all Managed Servers. The Administration Port will not function until all server instances in the domain are restarted.
- To start Managed Servers after enabling the administration port, you must establish an SSL connection to the domain's Administration Server. You can do this by specifying the following option at the command line when started the Managed Server:
-Dweblogic.management.server=https://host
:admin_port
In this argument, host
refers to the address of the Administration Server and admin_port is the administration port that the Administration Server uses. Note that you must specify the https://
prefix, rather than http://
.