You can customize the default connection settings of the WebLogic Remote Console by modifying its Java system properties.
Some possible customizations:
You can create a file that modifies the WebLogic Remote Console according to your preferences.
config.json
$HOME/.config/weblogic-remote-console/config.json/Users/<user>/Library/Application Support/weblogic-remote-console/config.jsonC:\Users\<user>\AppData\Roaming\weblogic-remote-console\config.json
config.json must be properly escaped. For example, enter C:\Users\Jane\myTrust.jks as C:\\Users\\Jane\\myTrust.jks.localhost:8012), add
{
"server.host": "0.0.0.0",
"server.port": "8092"
}
If you using the browser application, you can set Java system properties at the command line when you launch the WebLogic Remote Console.
For example, to set the WebLogic Remote Console to listen on a host other than localhost:
At the command line, enter java -Dserver.host=0.0.0.0 -jar <console_home>/console.jar
| Property | Default | config.json | System Property |
|---|---|---|---|
| console.disableHostnameVerification | false | console.disableHostnameVerification | -Dconsole.disableHostnameVerification |
| console.enableSameSiteCookieValue | false | console.enableSameSiteCookieValue | -Dconsole.enableSameSiteCookieValue |
| console.valueSameSiteCookie | Lax | console.valueSameSiteCookie | -Dconsole.valueSameSiteCookie |
| console.readTimeoutMillis | 20000 | console.readTimeoutMillis | -Dconsole.readTimeoutMillis |
| console.connectTimeoutMillis | 10000 | console.connectTimeoutMillis | -Dconsole.connectTimeoutMillis |
| http.nonProxyHosts | N/A | http.nonProxyHosts | -Dhttp.nonProxyHosts |
| http.proxyHost / https.proxyHost | N/A | http.proxyHost / https.proxyHost | -Dhttp.proxyHost / -Dhttps.proxyHost |
| http.proxyPort / https.proxyPort | 80 / 443 | http.proxyPort / https.proxyPort | -Dhttp.proxyPort / -Dhttps.proxyPort |
| javax.net.ssl.trustStore | <java-home>/lib/security/jssecacerts or <java-home>/lib/security/cacerts |
javax.net.ssl.trustStore | -Djavax.net.ssl.trustStore |
| javax.net.ssl.trustStoreType | jks | javax.net.ssl.trustStoreType | -Djavax.net.ssl.trustStoreType |
| server.host | 127.0.0.1 | server.host | -Dserver.host |
| server.port | 8012 | server.port | -Dserver.port |
| socksProxyHost | N/A | socksProxyHost | -DsocksProxyHost |
| socksProxyPort | 1080 | socksProxyPort | -DsocksProxyPort |
You can learn about other system properties related to networking at Networking Properties in the Java Platform, SE and JDK 11 API Specification. To avoid unexpected behavior, make sure your settings don’t conflict with each other.
If you specify HTTPS for the domain URL in the Connect to WebLogic Domain window, then the WebLogic Remote Console uses SSL/TLS to communicate with the WebLogic domain.
The SSL/TLS connection requires trust in the WebLogic domain, where the trust configuration is handled by the underlying JDK JSSE support. By default, the JDK uses the cacerts truststore provided with the JDK. If the WebLogic domain requires additional trust, separate trust, or is using the WebLogic demo trust (demotrust.jks), then you can use the JDK system properties when starting the Remote Console.
You can configure SSL/TLS trust with the JDK using one of these options:
Import the required trust certificates into the cacerts truststore supplied with the JDK using the keytool command.
Update the JDK Java system properties for JSSE support in a properties file to configure the location and type of truststore.
config.json, add the following properties.
{
"javax.net.ssl.trustStore": "/home/user/mytrust.jks",
"javax.net.ssl.trustStoreType": "JKS"
}
\ must be escaped, for example:
{
"javax.net.ssl.trustStore": "C:\\Users\\user\\mytrust.jks",
"javax.net.ssl.trustStoreType": "JKS"
}
To connect to a WebLogic Remote Console that is not running on the same computer as the browser, you can specify non-default values for the Remote Console host and port using Java system properties.
In config.json, add the following properties, updating the values to reflect the hostname and port you want.
{
"server.host": "0.0.0.0",
"server.port": "8092"
}
On the same computer, open a command window and enter the command applicable to your operating system:
weblogic-remote-console --headless/Applications/WebLogic Remote Console.app/Contents/MacOS/WebLogic Remote Console --headlessC:\Users\<user>\AppData\Local\Programs\weblogic-remote-console\WebLogic Remote Console.exe --headlessOn your local computer, open a browser window and enter:
http://hostname:8092
In this example, hostname represents the computer where you started the Remote Console, and can be an IP address or a DNS name (such as myhost.example.com).
When you connect to a Remote Console process running on a different computer, you risk exposing sensitive data over the network.
In the Connect to WebLogic Domain window, enter the Administrator user name, password, and the URL of the domain.
When the Remote Console is not running on the same computer as the browser, the WebLogic domain URL must be accessible to the computer running the Remote Console process.
To facilitate communication between a WebLogic Server domain that resides in a different network and the WebLogic Remote Console, you may need to configure settings for a proxy server.
This setting adds a proxy setting to config.json.
You can also use Java system properties to configure proxy server settings in config.json, such as {"https.proxyHost": "https://proxy.example.com", "https.proxyPort": "443"}.
Avoid configuring multiple proxy servers which can lead to unexpected behavior. Not only does the proxy value supersede all other proxy server settings, but if you use Java system properties to add one proxy server that uses HTTPS and another that uses SOCKS, the WebLogic Remote Console will ignore the SOCKS proxy server.
To change the defaults for the connection and read timeout settings used with a WebLogic domain from the Remote Console, change the following Java system properties:
console.readTimeoutMillis=<millis> for the timeout when waiting on a response, Default: 20 secondsconsole.connectTimeoutMillis=<millis> for the timeout when waiting to connect, Default: 10 secondsFor example, to tell the console to wait 60 seconds before giving up on a response from the WebLogic domain,
In config.json, add:
{
"console.readTimeoutMillis": "60000",
"console.connectTimeoutMillis": "30000"
}
When changing network timeout settings, the primary impact will be the response time for Console threads, while the browser will show no data when a timeout occurs. Examples of where timeouts may happen include requests where WebLogic experiences longer initialization or execution times such as for runtime monitoring actions of servers.
When using WebLogic demo trust to connect to the WebLogic domain, you may need to disable host name verification. Disabling host name verification causes the Remote Console to skip the verification check of ensuring that the host name in the URL to which a connection is made matches the host name in the digital certificate that the server sends back as part of the SSL connection.
We do not recommend using the demo certificates or turning off host name verification in production environments.
To disable host name verification, set the console.disableHostnameVerification property to true when required. The default is false.
For example, to connect to the domain using SSL/TLS with host name verification disabled, in the config.json file, add:
{
"console.disableHostnameVerification": "true",
"javax.net.ssl.trustStore": "/<path-to-wl-home>/server/lib/DemoTrust.jks",
"javax.net.ssl.trustStoreType": "JKS"
}
On Windows, the path character \ must be escaped, for example:
{
"console.disableHostnameVerification": "true",
"javax.net.ssl.trustStore": "C:\\<path-to-wl-home>\\server\\lib\\DemoTrust.jks",
"javax.net.ssl.trustStoreType": "JKS"
}
When the WebLogic Remote Console establishes a connection with the WebLogic Domain, a HTTP Cookie is established with the Web Browser session.
For security reasons, the SameSite attribute of the HTTP Cookie may need to be set for the Web Browser to accept the HTTP session Cookie. There are two settings that control the Remote Console behavior:
console.enableSameSiteCookieValue=true to include the SameSite attribute in the HTTP Cookie, Default: falseconsole.valueSameSiteCookie="<value>" to specify the value of the SameSite attribute, Default: LaxFor example, in the config.json file, add:
{"console.enableSameSiteCookieValue": "true"}
results in the HTTP session Cookie including the SameSite attribute with a value of Lax.
One of the benefits of the WebLogic Remote Console is the ability to connect to, and manage, a WebLogic Server domain running on Kubernetes. For details about how to setup access to WebLogic Server domains running on Kubernetes, see Use the Remote Console in the WebLogic Kubernetes Operator User Guide.
If you want the WebLogic Remote Console application to use a JDK at a different location, add an entry for javaPath to the config.json file. For example, if you want to point to a Java executable in /usr/bin/java add:
{"javaPath": "/usr/bin/java"}
On Windows, the path character \ must be escaped.
You can allow WebLogic Remote Console to connect to an Administration Server regardless of warnings about expired, untrusted, or missing certificates.
We strongly recommend that you only enable this setting for development or demonstration environments.
config.json file to add HTTPS proxy server settings.