Solved

Changing default truststore and keystore passwords in WebSphere

Posted on 2011-02-28
3
8,186 Views
Last Modified: 2013-12-11
I am following this document to change the default passwords

http://www-01.ibm.com/support/docview.wss?uid=swg21243038

In step 4, when i try to open the files

Use IKeyman to change the password for the actual key.p12 and trust.p12 pointed to in step 3:

com.ibm.ssl.keyStore=${user.root}/etc/key.p12
com.ibm.ssl.keyStore=${user.root}/etc/trust.p12

   1. <WAS_HOME>/bin/ikeyman.bat
   2. Key Database File -> Open
   3. Browse to the files and open with the default password (WebAS)
   4. Key Database File -> Change Password


I am getting the error "The specified file is not a well-formatted key database file

Please help how to rectify
0
Comment
Question by:wasadmin11
  • 2
3 Comments
 
LVL 11

Accepted Solution

by:
Radek Baranowski earned 500 total points
ID: 35006085
did you change type to P12  in the "Open database" dialog ? you must tell ikeyman what store type it is going to open.

check it.

other option is that the passwords have been already changed - then you would need to create a new set of files.
0
 
LVL 2

Author Comment

by:wasadmin11
ID: 35015266
working now ..i had to change the type to pkcs12. Thanks..Got another doubt.

I changed the password in the ssl.config.props in the Dmgr01 profile. But after restarting all the JVMS , I do not see the new password in the AppSrv01 ssl.config.props. I thought any change made to the Dmgr01 profile should be propogated to the Nodes ?

0
 
LVL 11

Expert Comment

by:Radek Baranowski
ID: 35015313
no, it doesn't work that way, I mean, when you change ssl.config.props in Dmgr/properties directory it works only locally eg. when you perform operations to Dmgr profile. if you want to use the same settings on other profiles you need to make the same changes in their properties directory as well.

take this as an example - when putting credentials to soap.client.props to use wsadmin without explicit authentication every time, you make it work in the profile you make this change to - the others not. if you want ot use wsadmin without credential prompt on other profiles, you need to put creds there as well to soap.client.props.

is it clear to you ?
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Using BigFix Actions 7 118
junit test for void methods using mockito 4 436
Get Windows user names, who are currently using application in Citrix/RDP 6 109
hibernate jars 4 59
-Xmx and -Xms are the two JVM options often used to tune JVM heap size.   Here are some common mistakes made when using them:   Assume BigApp is a java class file for the below examples. 1.         Missing m, M, g or G at the end …
Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question