Changing and testing SSL keystore and truststore file passwords in TIP

Question & Answer

Question

What procedures can be used to change the Tivoli Integrated Portal truststore (trust.p12) and keystore (key.p12) database passwords, and then test the new password?

Answer

To change the key or truststore password:
In the WebSphere Admin Console go to:
Security->SSL certificate and key management->Key stores and certificates
Select "NodeDefaultTrustStore" and click on "Change password"
Enter the new password

To verify the new password, do the following:
$ cd <TIP HOME>/java/bin
$ ./java com.ibm.gsk.ikeyman.ikeycmd -cert -list CA -db ../../profiles/TIPProfile/config/cells/TIPCell/nodes/TIPNode/trust.p12 -pw <new password>

When using a valid password the following response is expected:
Certificates in database C:\ibm\tivoli\tipv2\java\bin\..\..\profiles\TIPProfile\config\cells\TIPCell\nodes\TIPNode\trust.p12:
datapower
root

With an invalid password, the following response is expected:
An invalid password was provided, the key database has been corrupted or it is of the wrong type. Expected database type: PKCS12

Ensure that the database is of the correct type and that the correct password was given.

[{"Product":{"code":"SSRLR8","label":"Tivoli Components"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Tivoli Integrated Portal (TIP)","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.1.1;2.1;2.2","Edition":"","Line of Business":{"code":"","label":""}}]

Tips

Changing and testing SSL keystore and truststore file passwords in TIP

Question & Answer

Question

Answer

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?