Changing the CACERTS password results in "Keystore was tampered with"
 Technote (troubleshooting)
 
Problem(Abstract)
After changing the password for the CACERTS file in /WAS_HOME/java/jre/lib/security, the application fails to make the SSL connection and this message appears in the server's SystemOut.log:

java.net.SocketException: KeyManagerFactoryImpl: Keystore was tampered
with, or password was incorrect
 
Cause
The truststore and keystore files and passwords were not set. If these are not set, IBM® JSSE assumes that CACERTS is the truststore as well as the keystore and that the password is the default password : "changeit"

Applications using IBM JSSE are required to specify which files act as the
keystore and truststore and what the passwords are. The following system
properties must be set either programatically or when launching the
application that uses IBM JSSE -

javax.net.ssl.trustStore
javax.net.ssl.trustStorePassword
javax.net.ssl.keyStore
javax.net.ssl.keyStorePassword

 
Resolving the problem
To set the properties in the Java™ Virtual Machine, open the administrative console and navigate to
servers-->server_name-->process definition -->java virtual machine-->custom properties .
Add these property names and values:

javax.net.ssl.trustStore value: WAS_HOME/java/jre/lib/security/cacerts javax.net.ssl.trustStorePassword value: mypassword
javax.net.ssl.keyStore value: WAS_HOME/java/jre/lib/security/cacerts javax.net.ssl.keyStorePassword value: mypassword

Apply and save the changes and restart the server.

Note that all four properties must be set, even if the same file is used for trustStore and keyStore.
 
Related information
Using JSSE
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
Historical Number
22817 033 000
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Java Security (JSSE/JCE)
Operating system(s): Windows
Software version: 6.0.2
Software edition:
Reference #: 1220252
IBM Group: Software Group
Modified date: Oct 21, 2008