Steps to store sensitive configuration parameters in WebLogic Server custom identity keystore.

Note: You need to know keystore passphrase in order to perform the steps.

1. Determine keystore location and type.

a. Log into WebLogic console.

b. In Domain Structure tree select Environment | Servers.

c. In the Servers table select the WebLogic server where the application that uses the configuration parameters (for example, NMS MultiSpeak Adapter) is deployed or will be deployed.

d. Select Keystores tab.

e. Custom Identity Keystore field contains keystore location.

f. Custom Identity Keystore Type field contains keystore type.

2. Convert JKS keystore to PKCS12 format.

a. If keystore type is already PKCS12 continue to step 3.

b. If keystore type is JKS or empty, then use the following command to convert the keystore into PKCS12 format.

keytool -importkeystore -srckeystore <keystore location> \

-destkeystore <keystore location> -deststoretype pkcs12

where <keystore location> is the full path to the custom identity keystore file

c. In WebLogic console change Custom Identity Keystore Type to PKCS12 and save changes.

3. Add configuration parameters to the keystore.

a. Execute to following command for each configuration parameter.

keytool -importpass -alias <application>.<configuration parameter>\

-keystore <keystore location>

<application> can be one of the following values:

• avlinterface : AVL component of NMS MultiSpeak Adapter

• amrinterface : AMR component of NMS MultiSpeak Adapter

• scadainterface: SCADA component of NMS MultiSpeak Adapter

• mwminterface : Oracle Field Service Adapter

• swmaninterface: Switching Adapter

• odininterface : ODIN Adapter

• nhubinterface: Notification Hub Adapter

• derms : Edge DERMS Application

Example

keytool -importpass -alias amrinterface.config.password\

-keystore /home/nmsadmin/etc/nms-ssl.keystore

The command will first prompt for keystore password, then for the value to be stored (the command will ask it to be entered twice). And finally, it will ask to enter password specific to this entry. Here RETURN must be pressed to use the keystore password (otherwise NMS will not be able to access the value).

b. Enter the following command to validate keystore contents.

keytool -list -keystore <keystore location>

Example output line for the value added above.

amrinterface.config.password, Jan 11, 2024, SecretKeyEntry,

4. Remove from the database the configuration parameters that were added to the keystore.