Update default key store passwords using scripting
Use the Jython or Jacl scripting language to change the default key store passwords. A key store file is created with a default password when we install the application server. Change this password to protect the security configuration.
See the Starting the wsadmin scripting client article for more information.
When we install the application server, each server creates a key store and trust store for the default SSL configuration with the default password WebAS. To protect the security of the key store files and the SSL configuration, change the password. The following examples update the default password:
Tasks
- Change multiple key stores passwords. The changeMultipleKeyStorePasswords command updates all of the key stores that have the same password. For example:
- Jacl:
$AdminTask changeMultipleKeyStorePasswords {-keyStorePassword WebAS -newKeyStorePassword secretPwd -newKeyStorePasswordVerify secretPwd}- Jython:
AdminTask.changeMultipleKeyStorePasswords ('[-keyStorePassword WebAS -newKeyStorePassword secretPwd -newKeyStorePasswordVerify secretPwd]')
- Change the password of a single key store. The changeKeyStorePassword command updates the password of an individual key store. For example:
- Jacl:
$AdminTask changeKeyStorePassword {-keyStoreName testKS -scopeName (cell):localhost:(server):server1 -keyStorePassword WebAS -newKeyStorePassword secretPwd -newKeyStorePasswordVerify secretPwd}- Jython:
AdminTask.changeKeyStorePassword ('[-keyStoreName testKS -scopeName (cell):localhost:(server):server1 -keyStorePassword WebAS -newKeyStorePassword secretPwd -newKeyStorePasswordVerify secretPwd]')
Start the wsadmin scripting client Commands for the AdminTask object SpnegoTAICommands group for the AdminTask object (deprecated)