Changing default truststore and keystore passwords in WebSphere

I am following this document to change the default passwords

http://www-01.ibm.com/support/docview.wss?uid=swg21243038

In step 4, when i try to open the files

Use IKeyman to change the password for the actual key.p12 and trust.p12 pointed to in step 3:

com.ibm.ssl.keyStore=${user.root}/etc/key.p12
com.ibm.ssl.keyStore=${user.root}/etc/trust.p12

   1. <WAS_HOME>/bin/ikeyman.bat
   2. Key Database File -> Open
   3. Browse to the files and open with the default password (WebAS)
   4. Key Database File -> Change Password


I am getting the error "The specified file is not a well-formatted key database file

Please help how to rectify
LVL 2
wasadmin11Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Radek BaranowskiFull-stack Java DeveloperCommented:
did you change type to P12  in the "Open database" dialog ? you must tell ikeyman what store type it is going to open.

check it.

other option is that the passwords have been already changed - then you would need to create a new set of files.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wasadmin11Author Commented:
working now ..i had to change the type to pkcs12. Thanks..Got another doubt.

I changed the password in the ssl.config.props in the Dmgr01 profile. But after restarting all the JVMS , I do not see the new password in the AppSrv01 ssl.config.props. I thought any change made to the Dmgr01 profile should be propogated to the Nodes ?

0
Radek BaranowskiFull-stack Java DeveloperCommented:
no, it doesn't work that way, I mean, when you change ssl.config.props in Dmgr/properties directory it works only locally eg. when you perform operations to Dmgr profile. if you want to use the same settings on other profiles you need to make the same changes in their properties directory as well.

take this as an example - when putting credentials to soap.client.props to use wsadmin without explicit authentication every time, you make it work in the profile you make this change to - the others not. if you want ot use wsadmin without credential prompt on other profiles, you need to put creds there as well to soap.client.props.

is it clear to you ?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java App Servers

From novice to tech pro — start learning today.