3.1 - Domain wide administration port is not enabled

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

It is a good practice to separate administration traffic from application traffic in the domain. In production environments, separating the two forms of traffic ensures that critical administration operations (starting and stopping servers, changing a server's configuration, and deploying applications) do not compete with high-volume application traffic on the same network connection. WebLogic Server provides the option to enable an SSL administration port for use with all servers in the domain. The administration port accepts only secure, SSL traffic, and all connections via the port require authentication by a server administrator.

Sensitive data between managed servers and admin server can be sniffed.

Solution

1. Select the name of the active domain in the left pane to display the domain's configuration attributes.
2. Click the Configuration tab in the right pane.
3. Click the General tab in the right pane.
4. Select the Enable Domain Wide Administration Port attribute to enable the SSL administration port for this domain.
5. In the Administration Port box, enter the SSL port number that server instances in the domain use as the administration port.
6. Click Apply to apply your changes
The current unencrypted connection will be lost and the server will be accessible over SSL at the below URL: https://<IP Address>:9002/console (assuming that the Administration Port has been set to 9002)