Black Box ET0010A User Manual
Changing the Keystore Password
EncrypTight User Guide
267
Changing the Keystore Password on a ETKMS
Changing the password on a ETKMS involves multiple steps, including:
1 Stop the ETKMS service
2 Use keytool to change the password
3 Change the password for each individual key stored
4 Change the password listed in the ETKMS properties file
5 Restart the ETKMS service
1 Stop the ETKMS service
2 Use keytool to change the password
3 Change the password for each individual key stored
4 Change the password listed in the ETKMS properties file
5 Restart the ETKMS service
Stopping the ETKMS Service
To stop the ETKMS service:
1 Open an SSH session and log into the ETKMS.
2 At the command line, enter
1 Open an SSH session and log into the ETKMS.
2 At the command line, enter
service etkms stop
Change the Password Used by Keytool
Use the keytool utility to change the password of the keystore. The default password for the ETKMS
keystore is g3h31m.
keystore is g3h31m.
To change the keystore password on the ETKMS:
1 Open an SSH session and log into the ETKMS.
2 At the command line, enter
1 Open an SSH session and log into the ETKMS.
2 At the command line, enter
keytool -storepasswd -new <NewPassword> -keystore etkms.keystore
-storepass <CurrentPassword>
-storepass <CurrentPassword>
The new password must be at least 6 characters long. If you do not specify the current password on
the command line, you will be prompted for it.
the command line, you will be prompted for it.
NOTE
If you change the password for the keystore that keytool uses, you must also change the password used
by the ETKMS software. If the keystore password and the password stored in the ETKMS properties file
do not match, errors will be logged and the ETKMS will be unable to generate and renew encryption keys.
For instructions on changing the password stored in the ETKMS properties file, see
by the ETKMS software. If the keystore password and the password stored in the ETKMS properties file
do not match, errors will be logged and the ETKMS will be unable to generate and renew encryption keys.
For instructions on changing the password stored in the ETKMS properties file, see
Change the Password for Individual Keys
You also use the keytool utility to change the password for each key stored.
To change the password for individual keys:
1 List the keys with passwords that need to be changed by typing:
1 List the keys with passwords that need to be changed by typing:
keytool -list -keystore etkms.keystore -storepass <KeyStorePassword>
2 For each key, change the password with the following command using the appropriate alias (the first
name on each line in the results from the command above):
keytool -keypasswd -keystore etkms.keystore -storepass
<KeyStorePassword>
-keypass <OldKeyPassword> -new <NewKeyPassword>
<KeyStorePassword>
-keypass <OldKeyPassword> -new <NewKeyPassword>