Changing the password for the shared truststore

Edit online

The shared truststore is used by selected Liberty servers to verify credentials. If required, you can change the password.

Before you begin

Replace /opt/ibm with the installation path you specified during the Cloud APM server installation.

Procedure

  1. Verify that you know the current password for the shared truststore. Run the following command: 
    cd /opt/ibm/wlp/usr/shared/resources/security/ 
keytool -list -v -keystore trust.jks
    When prompted, enter the password. The default password is: 
    ccmR0cKs!
    The command should print the aliases of all entries in the keystore.
  2. Stop the Cloud APM server: 
    apm stop_all
  3. Change the password for the truststore: 
    cd /opt/ibm/wlp/usr/shared/resources/security/ 
cp trust.jks trust.jks.sav 
keytool -storepasswd -keystore trust.jks
  4. Encode the password by using the Liberty securityUtility tool and AES cipher: 
     /opt/ibm/wlp/bin/securityUtility encode --encoding=aes
  5. Update the Cloud APM server configuration: 
    cd /opt/ibm/wlp/usr/shared/config/ 
cp serverVariables.xml serverVariables.xml.sav
    Update the value of the trust.store.password variable in the serverVariables.xml file. Use the value determined in 4, for example:
    <variable name="trust.store.password" value="{aes}AKPjaLK2Ng7Epa+PX41P0yWfbfyu98/g0FhhGDx/wpK/" />
  6. Start the Cloud APM server: 
    apm start_all