(iSeries)
Recreating the .kdb keystore internal password record
The IBM i keystore type IBMi5OSKeyStore does not recognize or generate .sth password stash files. Instead it keeps an internal record of the password for the .kdb keystore file where it is created. If the .kdb file is moved, the password is no longer associated with the keystore. In that case, use the Digital Certificate Manager (DCM) to recreate the internal record of the password for the .kdb keystore file.
Refer to the topic Keystore configurations for SSL before attempting this task.
To recreate the internal record of the password for the .kdb keystore file, start the DCM. See Digital Certificate Manager information.
Tasks
- Click Select a Certificate Store.
- Select Other System Certificate Store.
- Enter the certificate store path and filename.
- Enter the certificate store password.
- Click Continue.
- Select Manage Certificate Store.
- Click Change password.
- Enter the new password and confirm it. Note that DCM requires a different password than the one we specified in step 4.
- Select Automatic login.
- Click Continue.
- Click OK when a message displays that confirms that the password is changed.
- Repeat steps 1 through 5 to create the internal record of the new password for the .kdb keystore file.
- Repeat steps 1 through 12 to change the password back to the original password and to create the internal record of the original password for the .kdb keystore file.
We have recreated the internal record of the password for the .kdb keystore file.
Related:
Keystore configurations for SSL Digital Certificate Manager