Recently, I had to install a new certificate on a web server, but was unable to open the keystore where the private key was generated. At some point, the password for the pskey
file has been changed (or not documented when set) so I was unable to open the file. I didn’t want to loose the private key, so I had to find a way to get into the keystore.
JKS files
The pskey
file is just a JKS (Java KeyStore) file and has a well documented format. There isn’t a built-in way to reset the password using pskeymanager
or keytool
(without knowing the existing one), but we can rewrite the JKS file and add in a new password. This gist has two classes that you can compile to rewrite your pskey
file.
This does not change the passwords on your private keys inside the keystore, just the password that opens the keystore itself.
Compile and Run
You will need to download the two classes and compile them. Save the files as:
ChangePassword.java
JKS.java
Make sure you have a JDK installed on your machine; you need to have the javac
compiler. Compile the two classes with this command:
javac ChangePassword.java
After it compiles, you will have to new .class
files. Copy your pskey
from the web server to the folder where you compiled the two classes. Finally, let’s rewrite our pskey
file with a new password:
java ChangePassword pskey pskey-new
You will be prompted to enter a new password. Now you have a new keystore file. The contents are the same, but the keystore password is reset. You can copy the pskey-new
file to your web server and rename it back to pskey
. If the password is new, you will need to update the Keystore tab in the WebLogic console, and update your integrationGateway.properties
file.
This should be a last resort, but if you find yourself unable to open pskey
you can always give this a try. Make to sure back up your pskey
file before you try anything. You don’t want to try this and end up losing the keystore completely!
Can ‘t compile the code, keep getting errors below:
c:\Program Files\Java\jdk1.8.0_131\bin>javac “c:\Users\clead\Desktop\test keystore\ChangePassword.java”
c:\Users\clead\Desktop\test keystore\ChangePassword.java:7: error: cannot find symbol
private final static JKS j = new JKS();
^
symbol: class JKS
location: class ChangePassword
c:\Users\clead\Desktop\test keystore\ChangePassword.java:7: error: cannot find symbol
private final static JKS j = new JKS();
^
symbol: class JKS
location: class ChangePassword
2 errors
Do you have JAVA_HOME set?
Hey Dan, not sure if here or on slack to talk is better, but I get the same errors and my java home is set. Any suggestions on this.
Nevermind., just changed to a different dir and it compiled ok.. 🙂