Tuesday, 7 February 2023

How to change the password of a key in keystore?

Syntax

keytool -keypasswd  -alias {alias_name} -keystore {key_store}

 

For example, let’s generate a key by executing below command.

keytool -genkey -keyalg RSA -keystore myKeystore.jks -keysize 2048

$keytool -genkey -keyalg RSA -keystore myKeystore.jks -keysize 2048
Enter keystore password:  
keytool error: java.lang.Exception: Key pair not generated, alias <mykey> already exists
$keytool -genkey -keyalg RSA -keystore myKeystore.jks -keysize 2048 -alias demoKey
Enter keystore password:  
What is your first and last name?
  [Unknown]:  Ram
What is the name of your organizational unit?
  [Unknown]:  hr
What is the name of your organization?
  [Unknown]:  abcCorp
What is the name of your City or Locality?
  [Unknown]:  Bangalore
What is the name of your State or Province?
  [Unknown]:  Karnataka
What is the two-letter country code for this unit?
  [Unknown]:  IN
Is CN=Ram, OU=hr, O=abcCorp, L=Bangalore, ST=Karnataka, C=IN correct?
  [no]:  y

Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 90 days
	for: CN=Ram, OU=hr, O=abcCorp, L=Bangalore, ST=Karnataka, C=IN
Enter key password for <demoKey>
	(RETURN if same as keystore password):  
Re-enter new password: 

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore myKeystore.jks -destkeystore myKeystore.jks -deststoretype pkcs12".
$

Reset the password of alias demoKey

$keytool -keypasswd  -alias demoKey -keystore myKeystore.jks
Enter keystore password:  
Enter key password for <demoKey>
New key password for <demoKey>: 
Re-enter new key password for <demoKey>: 

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore myKeystore.jks -destkeystore myKeystore.jks -deststoretype pkcs12".





Previous                                                 Next                                                 Home

No comments:

Post a Comment