Customize Keystore Credentials

You can customize keystore credentials. The Enterprise Console preserves your customized keystore/truststore passwords.

Warning: To keep your customized files backed up, place them under the <EC_installationDir>/conf/keys directory. Placing your files anywhere besides <EC_installationDir>/conf/keys is not recommended because they may not be backed up.

If you change the keystore content for the Enterprise Console, you must re-run the change-keystore-password command and re-encrypt. Then, you need to restart the Enterprise Console. See Controller Secure Credential Store for more information.

Get Encrypted Password

You can update the password for the .jks files. If you do, you must also update the password in the PlatformAdminApplication.yml file.

Warning: Do not change the supportedProtocols in the PlatformAdminApplication.yml file.

To get an encrypted password:

Note:

- Make a note of the generated password to use in Step 4.

- For the keystore.jks file to work for the Enterprise Console, the storepass and keypass must be the same.

  1. Use the Enterprise Console CLI to encrypt the new password:

    ./platform-admin.sh encrypt -t '<plain_text_password>'

  2. Change the storepass in keystore.jks by using the <plain_text_password> from Step 1:

    keytool -storepasswd -keystore keystore.jks

  3. Change the ec-server keypass in keystore.jks by using the <plain_text_password> from Step 1:

    keytool -keypasswd -alias ec-server -keystore keystore.jks

  4. Use the encrypted password to update the Enterprise Console Dropwizard confirmation yml file (PlatformAdminApplication.yml) for the key "keyStorePassword".

  5. Restart the Enterprise Console.