Recreating the .kdb keystore internal password record

The IBM® i keystore type IBMi5OSKeyStore does not recognize or generate .sth password stash files. Instead it keeps an internal record of the password for the .kdb keystore file where it is created. If the .kdb file is moved, the password is no longer associated with the keystore. In that case, you must use the Digital Certificate Manager (DCM) to recreate the internal record of the password for the .kdb keystore file.

Before you begin

Refer to the topic Keystore configurations for SSL before attempting this task.

About this task

To recreate the internal record of the password for the .kdb keystore file, start the DCM. For more information, see the Digital Certificate Manager information.

Procedure

Click Select a Certificate Store.
Select Other System Certificate Store.
Enter the certificate store path and filename.
Enter the certificate store password.
Click Continue.
Select Manage Certificate Store.
Click Change password.
Enter the new password and confirm it.
Note that DCM requires a different password than the one you specified in step 4.
Select Automatic login.
Click Continue.
Click OK when a message displays that confirms that the password is changed.
Repeat steps 1 through 5 to create the internal record of the new password for the .kdb keystore file.
Repeat steps 1 through 12 to change the password back to the original password and to create the internal record of the original password for the .kdb keystore file.

Results

You have recreated the internal record of the password for the .kdb keystore file.