Black Box ET0010A User Manual

Using Enhanced Security Features

266

EncrypTight User Guide

Before you begin using certificates, you need to change the default passwords for the EncrypTight 
keystore and the ETKMS keystore. This section includes the following topics:

●

●

The keystore is where keys and certificates used by ETEMS are securely stored. The contents of the 
keystore are password protected. We recommend changing the default password of admin123.

Other operational notes that you should be aware of:

●

Always use ETEMS to change the keystore password. Using keytool to change the keystore password 
can cause communication errors between ETEMS and EncrypTight appliances, because keytool does 
not inform ETEMS of password changes. 

●

The keystore is located in 

<installDir>\cvConfig\keys

, where <

installDir>

 is the top-level 

EncrypTight directory. Use this directory when adding certificates to the keystore. 

●

ETEMS reads the keystore upon startup. It does not act on new certificates added to the keystore 
while ETEMS is running. ETEMS needs to be restarted for changes to take effect. 

●

When uninstalling EncrypTight, the keystore is saved along with the workspace.

Keystore password conventions are as follows:

●

6-256 characters

●

Case sensitive

●

All standard keyboard characters are allowed

To change the EncrypTight keystore password:
1 On  the  Edit menu, click Change Keystore Password.
2 Enter the new password.
3 Reenter the new password, and click Apply. The vault keystore password and the passwords guarding 

the private and secret keys are changed to the new value.

●

The procedure for changing the keystore password on a ETKMS depends on whether or not the ETKMS 
includes an HSM. This section includes the following topics:

●

●