Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8868
  • Last Modified:

Changing default truststore and keystore passwords in WebSphere

I am following this document to change the default passwords

http://www-01.ibm.com/support/docview.wss?uid=swg21243038

In step 4, when i try to open the files

Use IKeyman to change the password for the actual key.p12 and trust.p12 pointed to in step 3:

com.ibm.ssl.keyStore=${user.root}/etc/key.p12
com.ibm.ssl.keyStore=${user.root}/etc/trust.p12

   1. <WAS_HOME>/bin/ikeyman.bat
   2. Key Database File -> Open
   3. Browse to the files and open with the default password (WebAS)
   4. Key Database File -> Change Password


I am getting the error "The specified file is not a well-formatted key database file

Please help how to rectify
0
wasadmin11
Asked:
wasadmin11
  • 2
1 Solution
 
Radek BaranowskiFull-stack Java DeveloperCommented:
did you change type to P12  in the "Open database" dialog ? you must tell ikeyman what store type it is going to open.

check it.

other option is that the passwords have been already changed - then you would need to create a new set of files.
0
 
wasadmin11Author Commented:
working now ..i had to change the type to pkcs12. Thanks..Got another doubt.

I changed the password in the ssl.config.props in the Dmgr01 profile. But after restarting all the JVMS , I do not see the new password in the AppSrv01 ssl.config.props. I thought any change made to the Dmgr01 profile should be propogated to the Nodes ?

0
 
Radek BaranowskiFull-stack Java DeveloperCommented:
no, it doesn't work that way, I mean, when you change ssl.config.props in Dmgr/properties directory it works only locally eg. when you perform operations to Dmgr profile. if you want to use the same settings on other profiles you need to make the same changes in their properties directory as well.

take this as an example - when putting credentials to soap.client.props to use wsadmin without explicit authentication every time, you make it work in the profile you make this change to - the others not. if you want ot use wsadmin without credential prompt on other profiles, you need to put creds there as well to soap.client.props.

is it clear to you ?
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now