The demo identity certificates that are deployed by default with the installation of WebLogic should have been replaced during installation to enhance the security of your environment. The demo identity certificates that are deployed by default with the installation of WebLogic should have been replaced during installation to enhance the security of your environment. If self-signed certificates were deployed to your WebLogic instance during installation, you will have to rollback your WebLogic to trust the DemoIdentity in order for the upgrade installer to use WLST to connect to the WebLogic admin server in order that it can apply any required updates.
If you deployed CA signed certificates to your WebLogic instance during installation, depending on how your CA signed certificates were signed, your connection may be trusted by the JavaStandardTrust keystore, and therefore WLST should be able to connect to the WebLogic admin server. If your CA signed certificates are not trusted by the JavaStandardTrust keystore, then you would also have to rollback your weblogic to trust the DemoIdentity certificates in order for the installer to use WLST to connect to the WebLogic admin server in order that it can apply any required updates.
Alternatively, you may want to update the deployments in WebLogic manually.