how to change PKCS12 keystore password using keytool?

问题:

I cannot change PKCS keystore password using keytool (java 8). When I tried to change the key password:

keytool -keypasswd -keystore keystore.p12 -storetype PKCS12 -storepass oldpass -keypass oldpass -new newpass keytool error: java.lang.UnsupportedOperationException: -keypasswd commands not supported if -storetype is PKCS12

It means key password cannot be changed for PKCS12 keystore. Then I tried to change the keystore password:

keytool -storepasswd -keystore keystore.p12 -storetype PKCS12 -storepass oldpass -new newpass Warning:  Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified -new value. keytool error: java.io.FileNotFoundException: keystore.p12 (Access is denied)

It means, we have to change keystore password and keypassword together. But there is no command to change both. What can I do?

回答1:

You can import the PKCS12 file to another PKCS12 where you can give new password for new PKCS12 file. Then you can use the new PKCS12 file or delete the previous one and rename the new file name with the old file name. Its not a straight forward way, but it fulfills the objective.A sample code is given bewlow

keytool -importkeystore -srckeystore DocCA.p12 -srcstoretype PKCS12 -srcstorepass 123456 -destkeystore DocCA2.p12 -deststoretype PKCS12 -deststorepass 11223344 

Here, DoCA.p12 is the existing PKCS12 with password 123456 which is exported in the DocCA2.p12 file with password 11223344.

转载请标明出处:how to change PKCS12 keystore password using keytool?

文章来源: how to change PKCS12 keystore password using keytool?