Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8193046

Difficult to change built-in password for JDK 9 cacerts store

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • P3
    • None
    • 9.0.1
    • security-libs

    Description

      Changing the password on cacerts file

      We use the Oracle distributed cacerts file in our software after changing its
      default password. We simply copy the cacerts file as distributed in the JDK
      and use the following command (which had worked for many release of Java)

      # keytool -storepasswd -new <new password> -keystore ./cacerts -storepass
      changeit

      Using Java 9 version:
      java version "9.0.1"
      Java(TM) SE Runtime Environment (build 9.0.1+11)
      Java HotSpot(TM) 64-Bit Server VM (build 9.0.1+11, mixed mode)

      We now get this warning:
      Warning: Different store and key passwords not supported for PKCS12
      KeyStores. Ignoring user-specified -new value.

      Following the lead with this warning message, we tried to modify both store
      and key passwords using this command:

      # keytool -storepasswd -new <new password> -keystore ./cacerts -storepass
      changeit -keypasswd -new <new password> -keypass changeit

      But we get this error message upon trying that:
      keytool error: java.lang.UnsupportedOperationException: -keypasswd commands
      not supported if -storetype is PKCS12

      What is the exact command syntax for changing the built-in password?

      Attachments

        Issue Links

          Activity

            People

              weijun Weijun Wang
              shadowbug Shadow Bug
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: