Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8193046

Difficult to change built-in password for JDK 9 cacerts store

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: P3 P3
    • None
    • 9.0.1
    • security-libs

      Changing the password on cacerts file

      We use the Oracle distributed cacerts file in our software after changing its
      default password. We simply copy the cacerts file as distributed in the JDK
      and use the following command (which had worked for many release of Java)

      # keytool -storepasswd -new <new password> -keystore ./cacerts -storepass
      changeit

      Using Java 9 version:
      java version "9.0.1"
      Java(TM) SE Runtime Environment (build 9.0.1+11)
      Java HotSpot(TM) 64-Bit Server VM (build 9.0.1+11, mixed mode)

      We now get this warning:
      Warning: Different store and key passwords not supported for PKCS12
      KeyStores. Ignoring user-specified -new value.

      Following the lead with this warning message, we tried to modify both store
      and key passwords using this command:

      # keytool -storepasswd -new <new password> -keystore ./cacerts -storepass
      changeit -keypasswd -new <new password> -keypass changeit

      But we get this error message upon trying that:
      keytool error: java.lang.UnsupportedOperationException: -keypasswd commands
      not supported if -storetype is PKCS12

      What is the exact command syntax for changing the built-in password?

            weijun Weijun Wang
            shadowbug Shadow Bug
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: