Solved

Changing default truststore and keystore passwords in WebSphere

Posted on 2011-02-28
3
7,949 Views
Last Modified: 2013-12-11
I am following this document to change the default passwords

http://www-01.ibm.com/support/docview.wss?uid=swg21243038

In step 4, when i try to open the files

Use IKeyman to change the password for the actual key.p12 and trust.p12 pointed to in step 3:

com.ibm.ssl.keyStore=${user.root}/etc/key.p12
com.ibm.ssl.keyStore=${user.root}/etc/trust.p12

   1. <WAS_HOME>/bin/ikeyman.bat
   2. Key Database File -> Open
   3. Browse to the files and open with the default password (WebAS)
   4. Key Database File -> Change Password


I am getting the error "The specified file is not a well-formatted key database file

Please help how to rectify
0
Comment
Question by:wasadmin11
  • 2
3 Comments
 
LVL 11

Accepted Solution

by:
Radek Baranowski earned 500 total points
ID: 35006085
did you change type to P12  in the "Open database" dialog ? you must tell ikeyman what store type it is going to open.

check it.

other option is that the passwords have been already changed - then you would need to create a new set of files.
0
 
LVL 2

Author Comment

by:wasadmin11
ID: 35015266
working now ..i had to change the type to pkcs12. Thanks..Got another doubt.

I changed the password in the ssl.config.props in the Dmgr01 profile. But after restarting all the JVMS , I do not see the new password in the AppSrv01 ssl.config.props. I thought any change made to the Dmgr01 profile should be propogated to the Nodes ?

0
 
LVL 11

Expert Comment

by:Radek Baranowski
ID: 35015313
no, it doesn't work that way, I mean, when you change ssl.config.props in Dmgr/properties directory it works only locally eg. when you perform operations to Dmgr profile. if you want to use the same settings on other profiles you need to make the same changes in their properties directory as well.

take this as an example - when putting credentials to soap.client.props to use wsadmin without explicit authentication every time, you make it work in the profile you make this change to - the others not. if you want ot use wsadmin without credential prompt on other profiles, you need to put creds there as well to soap.client.props.

is it clear to you ?
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Most of the developers using Tomcat find it easy to configure the datasource in Server.xml and use the JNDI name in the code to get the connection.  So the default connection pool using DBCP (or any other framework) is made available and the life go…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now