Import Key Certificate with different password using Web Console
You won’t be able to upload a Key certificate with password different than existing key
certificate password via IBM®
Connect:Direct® Web Service Web Console. If you
still want to use those certificates, you have to Import Key Certificate with different passwords.
To do this from web console:
- Login as an Admin user.
- Go to Certificates> Key Certificate> View> Delete all existing Key Certificates from existing Keystore.
- Go to Certificates> Key Certificate/Trust Certificate > Import and import new Key Certificate in that Keystore in the same session.
- Edit
application.properties
file and change the value ofserver.ssl.key-alias
property with Certificate Label to be used by Connect:Direct Web Services. - Depending on your environment type, issue one of the following commands:
- In Windows, stop and start MFTWebservices from the Task manager for changes to take effect.
- In UNIX, issue the following command to stop and start MFTWebServices for changes to take effect.
% ./$CDWS_INSTALLATION_DIR$/bin/stopWebservice.sh % ./$CDWS_INSTALLATION_DIR$/bin/startWebservice.sh
Alternative approach
If you do not wish to delete
the old certificates, rather change their passwords and import the new certificates, follow these steps:
- Update the Key Certificate password using following keytool
command:
keytool -keypasswd -Keystore <path_of_Keystore/Truststore_with_name> -alias <key_certificate_alias> Enter Keystore password: Enter key password for <key_certificate_alias>: New key password for <key_certificate_alias>: Re-enter new key password for <key_certificate_alias>: Password change successful for alias <key_certificate_alias>
- Run following utility to sync the new password with
CDWS:
java -jar ChangeKeystoreTruststoreAndUpdatePassword.jar Enter Admin Password: Please Select from below options: 1. Type K and Enter to Change Keystore OR Sync Keystore Password with CDWS. 2. Type T and Enter to Change Truststore OR Sync Truststore Password with CDWS. 3. Type C and Enter to Sync Key Certificate Password with CDWS. 4. Type Q and Enter to Exit. Enter your Choice: K Enter the complete path of Keystore: (including fileName(.jks)): Enter Keystore Password: Confirm Password: Keystore details updated successfully Press Y to Continue OR Q to Exit:Q Exiting the Utility.
Attention: Use the above command to update CDWS with new password if you forgot Keystore/Truststore password. However, you cannot recover Keystore password because of security reasons. - Depending on your environment type, issue one of the following commands:
- In Windows, stop and start MFTWebservices from the Task manager for changes to take effect.
- In UNIX, issue the following command to stop and start MFTWebServices for changes to take effect.
% ./$CDWS_INSTALLATION_DIR$/bin/stopWebservice.sh % ./$CDWS_INSTALLATION_DIR$/bin/startWebservice.sh
- Follow the steps mentioned in Add/Import a certificate(s) to IBM Connect:Direct Web Service Keystore/ Truststore .