Results 1 to 2 of 2

Thread: Java certificates keystore password isn't allowed to be changed

  1. #1
    Join Date
    Feb 2006
    France (Haute-Savoie)
    Rep Power

    Exclamation Java certificates keystore password isn't allowed to be changed

    Hi all,

    I was configuring the SSL connexion for the web client, and for LDAPs connections (during authentication process), and I found on this forum the following command to add a new certificate to the jre's keystore :
    keytool -import -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass "changeit" -alias <alias_name> -file <certfile_name>
    As you can see, the defaut password for this is changeit, so, I tried to change it (as it is said !!! ), with the following command found in the java keytool documentation :
    keytool -storepasswd -new <new_keystore_pass> -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass <current_keystore_pass>
    Doing that, Tomcat didn't restart, so I had to go back this modification to be able to launch Tomcat ...

    I think this might be corrected, because it sounds like a part of Zimbra is currently using the default password ...

    Because I don't know if this was the good place here, I opened a support case ("Default keystore password" with "System Down" gravity).

  2. #2
    Join Date
    Aug 2005
    San Mateo, CA
    Rep Power


    Yep changing the keystore pass will require you to make updates to the other places we reference that. The *fix* here may just be to document where we use this password and how to update all of them. A similar thing would happen if you directly changed the mysql or openLDAP password without using our wrapper scripts.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

Similar Threads

  1. [SOLVED] Installing existing SSL certificates (solved)
    By inigoml in forum Administrators
    Replies: 22
    Last Post: 02-24-2009, 10:32 AM
  2. 5.0 Install tasks
    By JoshuaPrismon in forum Installation
    Replies: 2
    Last Post: 06-06-2007, 01:18 PM
  3. httpd resident in memory but not accessible
    By AlexanderH in forum Installation
    Replies: 3
    Last Post: 05-11-2007, 10:19 AM
  4. Nothing's displayed after changed password?!?
    By chotima in forum Administrators
    Replies: 6
    Last Post: 01-26-2006, 08:29 PM
  5. Replies: 0
    Last Post: 12-04-2005, 02:34 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts