You can change passwords for the encryption KeyStore.
The encryption.keystore password must be identical to the certificate
password.
-
Stop the server.
-
Open a command line window, and go to the app_data/conf
directory.
-
To view the alias of the secret key, run the following command:
keytool -keystore encryption.keystore -list -storetype pkcs12 -storepass changeit
Make
a note of the alias of secret key, it is required in step
6. The
keytool application
is included in the Java™ developer kit and is not part of
IBM DevOps Deploy (Deploy).
-
Back up the encryption.keystore file.
-
Change the encryption KeyStore password by using the following command:
keytool -storepasswd -new newPassword -keystore encryption.keystore -storetype pkcs12 -storepass changeit
The
default password is
changeit. Replace
newPassword with your password of choice. The
keytool application is included in the Java developer kit and is not part of
Deploy.
-
Change the secret key password by using the following command:
keytool -keypasswd -alias XXX -keypass changeit -new newpassword -keystore encryption.keystore -storetype pkcs12 -storepass newpassword
where
alias is the one that you noted in step
3, and the encryption KeyStore password and
the secret key password must be the same.
-
In a text editor, open the
server-install\conf\server\secured-installed.properties
file. Specify the new encryption.keystore password in the following line of
code:
encryption.keystore.password=newPassword
Note: The password that you specify here must be the same as the password for the encryption
KeyStore password that you specified in step
5 and the secret key password that you specified in step
6.
-
Start the server.
Starting the server automatically encrypts the encryption.keystore
password that you specified in the installed.properties file.