Oracle Cloud Infrastructure Documentation

Known Issues for WebLogic Management

These known issues have been identified in WebLogic Management.

Important

Pre-General Availability: 2024-10-11

The following legal notice applies to Oracle pre-GA releases. For copyright and other applicable notices, see Oracle Legal Notices.

Pre-General Availability Draft Documentation Notice

This documentation is in pre-General Availability status and is intended for demonstration and preliminary use only. It may not be specific to the hardware on which you are using the software. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to this documentation and will not be responsible for any loss, costs, or damages incurred due to the use of this documentation.

Patching
Scanning

API operation returns different 409 conflict error messages

Details

When an API that returns a 409 - Conflict error message for validation, for example, when installing the latest patches:

  "data": {
    "code": "Conflict",
    "message": "Patch readiness status must be OK for domain <domain-ocid>
Current status is ERROR"
  },
  "status": "409 Conflict"

Rerunning the operation results in a different error:

"data": {
    "code": "Conflict",
    "message": "Resource <domain-ocid> is currently being modified."
  }
  "status": "409 Conflict"
Workaround

Wait 15 to 30 seconds before making the second call to the API.

Server location removed during managed instance scan

Details

If a domain has no listen address for its servers and those servers are spread across nodes, when you scan one node (managed instance) the servers are associated with the correct managed instance when viewing the domain. However, the servers on the other nodes are erased and the managed instances are no longer associated).

Workaround

We recommend you configure a listen address in domains to avoid this issue.

Scan fails if secure production mode is enabled and non-default administration port is used

Details

When scanning, the Admin Server patch readiness check fails if you have enabled Secure Production Mode and the WebLogic Management server is configured to use a non-default administration port.

<Jan 16, 2025 12:34:06 AM GMT> 
<ERROR> <domain_scanner.py> <(host:hostname.example.com) - 
<WLMS-ERROR-0013> : Failed to get administration URL for the domain [/opt/domains/domain-name]. Cannot proceed with server check>

The failure happens with socket reachability check because the value of the port is read as string instead of int.

Workaround
  1. Sign in to the failing domain through WebLogic Remote Console. If you do not have the Remote Console, you can download it from GitHub.
  2. Disable and re-enable the Secured Production Mode.
    1. Click Edit Tree, Environment, and then Domain.
    2. Disable Secured Production Mode.
    3. Click Save.
    4. From the Cart, click Commit Changes.
    5. Enable Secured Production Mode.
    6. Click Save.
    7. From the Cart, click Commit Changes.
  3. Disable and re-enable the Administration Port.
    1. Click Edit Tree, Environment, and then Domain.
    2. Disable Enable Administration Port.
    3. Click Save.
    4. From the Cart, click Commit Changes.
    5. Enable Enable Administration Port.
    6. Click Save.
    7. From the Cart, click Commit Changes.

Scan fails if secure production mode is disabled

Details

When scanning, the Admin Server patch readiness check fails if you have disabled Secure Production Mode.

<Jan 17, 2025 11:01:06 PM GMT> 
<INFO> <scan_action.py> <(host:hostname.example.com) - 
<WLMS-INFO-0034> : Sending scan job response to WLMS. Response payload: [{
  "compartment_id": "ocid1.compartment.oc1..unique_id",
  "job_details": {
    "job_id": job_id_number,
    "job_metadata": null,
    "job_result_message": "Domain scan successful for domains . Failed to scan domain(s) in paths [/opt/domains/customdomain]. The error is 'NoneType' object has no attribute 'text'",
    "job_status": "SUCCESSFUL"
  },

The failure happens with socket reachability check because the value of the port is read as string instead of int.

Workaround
  1. Sign in to the failing domain through WebLogic Remote Console. If you do not have the Remote Console, you can download it from GitHub.
  2. Enable the Secured Production Mode.
    1. Click Edit Tree, Environment, and then Domain.
    2. Enable Secured Production Mode.
    3. Click Save.
    4. From the Cart, click Commit Changes.

Scan fails if custom trust keystore password contains special characters

Details

If you have special characters in your custom trust keystore password, domain scans fail with an error in server_check,py when the WebLogic Management plugin attempts to invoke WebLogic Scripting Tool.

<Jan 15, 2025 11:34:08AM GMT> 
<INFO> <server_check.py> <(host:hostname.example.com) - 
<WLMS-INFO-0023> : Writing input json to /tmp/server_check_data.json>
Jan 15, 2025 11:34:08AM GMT> 
<INFO> <wlst_utils.py> <(host:hostname.example.com) - 
<WLMS-INFO-0017> : Invoking WLST command export JAVA_HOME=/u01/jdk; 
export MW_HOME=/u01/app/oracle/middleware; export PATH=/u01/jdk/bin:$PATH; 
export WLST_PROPERTIES="${WLST_PROPERTIES} 
-Dweblogic.RootDirectory=/u01/data/domains/my_domain 
-Dweblogic.security.TrustKeyStore=DemoTrust
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2 -Djava.security.egd=file:///dev/urandom
-Dweblogic.security.TrustKeyStore=CustomTrust
-Dweblogic.security.CustomTrustKeyStoreFileName=/u01/app/oracle/tools/certs/my_certs
-Dweblogic.security.CustomTrustKeyStoreType=JKS
-Dweblogic.security.CustomTrustKeyStorePassPhrase=*****"; 
/u01/app/oracle/middleware/oracle_common/common/bin/wlst.sh 
/usr/libexec/oracle-cloud-agent/plugins/oci-wlms/_internal/wls_actions/wlst/server_check.wlst True True as oracle user>
Jan 15, 2025 11:34:08 AM GMT> 
<ERROR> <server_check.py> <(host:hostname.example.com) - 
<WLMS-ERROR-0019> : Failed to execute server check WLST script.
Exception is [/u01/app/oracle/middleware/oracle_common/common/bin/wlst_internal.sh: line 18: keystore_pw: command not found
Workaround
  1. Using the keytool, update the keystore password to remove any special characters.
  2. Sign in to the failing domain through WebLogic Remote Console. If you do not have the Remote Console, you can download it from GitHub.
  3. Complete the following steps in the WebLogic Remote Console:
    1. Update the keystore password. For more information, see the Oracle WebLogic Server docs.
    2. Save and commit your changes.
    3. Restart all servers in the domain to apply the new keystore password.

Scan fails if SSL listen port is enabled for the Admin Server

Details

If the configuration for Administration Server is enabled for the SSL listen port, WebLogic Management scans fail.

Workaround
  1. Sign in to the failing domain through WebLogic Remote Console. If you do not have the Remote Console, you can download it from GitHub.
  2. Disable and re-enable the SSL Listen Port.
    1. Click Edit Tree, Environment, and then Servers.
    2. Under Servers, select the administration server.
    3. Disable SSL Listen Port Enabled.
    4. Click Save.
    5. From the Cart, click Commit Changes.
    6. Enable SSL Listen Port Enabled.
    7. Click Save.
    8. From the Cart, click Commit Changes.

Scan fails if Node Manager uses SSL

Details

If Node Manager is configured to use SSL to communicate with WebLogic domains, scans fail.

Workaround
Important

Repeat these steps for each machine that is configured to use Node Manager in the domain.
  1. Sign in to the failing domain through WebLogic Remote Console. If you do not have the Remote Console, you can download it from GitHub.
  2. Set and reset Node Manager communication type.
    1. Click Edit Tree, Environment, and then Machines.
    2. Under Machines, select a machine name.
    3. Click Node Manager.
    4. For Type, select a value other than SSL.
    5. Click Save.
    6. From the Cart, click Commit Changes.
    7. For Type, select SSL.
    8. Click Save.
    9. From the Cart, click Commit Changes.