Description
Enabling custom_trust and setting trust_keystore_file & trust_keystore_passphrase in the orautils class exposes the passphrase as it saves in plain text to the startNodeManager.sh file. Also, by setting this as a java option with -Dweblogic.security.CustomTrustKeystorePassPhrase in that file, it exposes the password to all users when running the 'ps aux' command.
From what I understand, this should really be set in the nodemanager.properties file, as it will get encrypted once node manager runs for the first time.
nodemanager.properties should contain something similar to this:
KeyStores=CustomIdentityAndCustomTrust
CustomIdentityKeyStoreFileName=Identity_Keystore
CustomIdentityKeyStorePassPhrase=Identity_Keystore_Password
CustomIdentityAlias=Identity_Keystore_Alias
CustomIdentityPrivateKeyPassPhrase=Private_Key_Used_When_Creating_Certificate
https://oracle-base.com/articles/11g/weblogic-configure-ssl-for-a-managed-server
Thoughts?