Sometimes, you may require to change
default key store password in WSO2 prodcuts due to security reasons.
Here are the steps when changing
keystore passwords:
Step 1:
Navigate to wso2 server location:
ex: cd
$wso2_server/repository/resources/security
Step 2:
Change keystore password:
keytool -storepasswd -new [new password] -keystore [keystore name]
ex: keytool
-storepasswd -new simplenewpassword
-keystore wso2carbon.jks
Step 3:
Change Private Key password
keytool -keypasswd -alias wso2carbon -keystore wso2carbon.jks
Enter keystore password: <simplenewpassword>
Enter key password for <wso2carbon> wso2carbon
New key password for <wso2carbon>: <simplenewpassword>
Re-enter new key password for <wso2carbon>: <simplenewpassword>
Both
keystore and private key password must be the same in some cases like
WSO2 BAM. Specially, in Thrift, we need to configure to use one
password for both.
Step 4:
Configure wso2 server (example taken here as WSO2 BAM)
- Change carbon.xml at @wso2_server/repository/conf
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password>simplenewpassword</Password>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword>simplenewpassword</KeyPassword>
</KeyStore>
<RegistryKeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password>simplenewpassword</Password>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword>simplenewpassword</KeyPassword>
</RegistryKeyStore>
- Change identtity.xml at @wso2_server/repository/conf
<ThirftBasedEntitlementConfig>
<EnableThriftService>true</EnableThriftService>
<ReceivePort>${Ports.ThriftEntitlementReceivePort}</ReceivePort> <ClientTimeout>10000</ClientTimeout>
<KeyStore>
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
<Password>simplenewpassword</Password>
</KeyStore>
</ThirftBasedEntitlementConfig>