You can use the Jython or Jacl scripting languages to configure keystores with the wsadmin tool. A keystore is created by the application server during install and can contain cryptographic keys or certificates. The commands and parameters in the KeyStoreCommands group can be used to create, delete, and manage keystores.
The changeKeyStorePassword command modifies the password of a keystore. The command automatically saves the new password to the configuration.
Required parameters
Optional parameters
Examples
Batch mode example usage:
$AdminTask changeKeyStorePassword {-keystoreName myKeystore -keyStorePassword WebAS -newKeyStorePassword newpwd -newKeyStorePasswordVerify newpwd}
AdminTask.changeKeyStorePassword('[-keystoreName myKeystore -keyStorePassword WebAS -newKeyStorePassword newpwd -newKeyStorePasswordVerify newpwd]')
AdminTask.changeKeyStorePassword(['-keystoreName', 'myKeystore', '-keyStorePassword', 'WebAS', '-newKeyStorePassword', 'newpwd', '-newKeyStorePasswordVerify', 'newpwd'])
Interactive mode example usage:
$AdminTask changeKeyStorePassword {-interactive}
AdminTask.changeKeyStorePassword('-interactive')
The changeMultipleKeyStorePasswords command updates the passwords for each keystores in the configuration that has a specific password. This is useful because when you create keystore files on the system, they will have WebAS as a password by default.
Required parameters
Optional parameters
None.Examples
Batch mode example usage:
$AdminTask changeMultipleKeyStorePasswords {-keyStorePassword WebAS -newKeyStorePassword newpwd -newKeyStorePasswordVerify newpwd}
AdminTask.changeMultipleKeyStorePasswords('[-keyStorePassword WebAS -newKeyStorePassword newpwd -newKeyStorePasswordVerify newpwd]')
AdminTask.changeMultipleKeyStorePasswords(['-keyStorePassword', 'WebAS', '-newKeyStorePassword', 'newpwd', '-newKeyStorePasswordVerify', 'newpwd'])
Interactive mode example usage:
$AdminTask changeMultipleKeyStorePasswords {-interactive}
AdminTask.changeMultipleKeyStorePasswords('-interactive')
The createKeyStore command creates the keystore settings in the configuration and the keystore database.
Required parameters
Optional parameters
Examples
Batch mode example usage:
$AdminTask createKeyStore {-keyStoreName testKS -keyStoreType JCEKS -keyStoreLocation c:/temp/testKeyFile.p12 -keyStorePassword testpwd -keyStorePasswordVerify testpwd -keyStoreIsFileBased true -keyStoreInitAtStartup true -keyStoreReadOnly false}
AdminTask.createKeyStore('[-keyStoreName testKS -keyStoreType JCEKS -keyStoreLocation c:/temp/testKeyFile.p12 -keyStorePassword testpwd -keyStorePasswordVerify testpwd -keyStoreIsFileBased true -keyStoreInitAtStartup true -keyStoreReadOnly false]')
AdminTask.createKeyStore(['-keyStoreName', 'testKS', '-keyStoreLocation', '-keyStoreType', 'JCEKS', 'c:/temp/testKeyFile.p12', '-keyStorePassword', 'testpwd', '-keyStorePasswordVerify', 'testpwd', '-keyStoreIsFileBased', 'true', '-keyStoreInitAtStartup', 'true', '-keyStoreReadOnly', 'false'])
Interactive mode example usage:
$AdminTask createKeyStore {-interactive}
AdminTask.createKeyStore('-interactive')
The createCMSKeyStore command creates a CMS keystore database and the keystore settings in the configuration.
Required parameters
Optional parameters
None.Examples
Batch mode example usage:
$AdminTask createCMSKeyStore {-cmsKeyStoreURI CMSKeystoreURI -pluginHostName myHostName}
AdminTask.createCMSKeyStore('-cmsKeyStoreURI CMSKeystoreURI -pluginHostName myHostName')
AdminTask.createCMSKeyStore(['-cmsKeyStoreURI', 'CMSKeystoreURI', '-pluginHostName', 'myHostName'])
Interactive mode example usage:
$AdminTask createCMSKeyStore {-interactive}
AdminTask.createCMSKeyStore('-interactive')
The deleteKeyStore command deletes the settings of a keystore from the configuration and the keystore file.
Required parameters
Optional parameters
Examples
Batch mode example usage:
$AdminTask deleteKeyStore {-keyStoreName testKS}
AdminTask.deleteKeyStore('[-keyStoreName testKS]')
AdminTask.deleteKeyStore(['-keyStoreName', 'testKS'])
Interactive mode example usage:
$AdminTask deleteKeyStore {-interactive}
AdminTask.deleteKeyStore('-interactive')
The exchangeSigners command exchange signer certificate between keystores.
Required parameters
Optional parameters
Examples
Batch mode example usage:
$AdminTask exchangeSigners {-keyStoreName1 testKS -certificateAliasList1 testCert1 -keyStoreName2 secondKS -certificateAlaisList2 certAlis}
AdminTask.exchangeSigners('[-keyStoreName1 testKS -certificateAliasList1 testCert1 -keyStoreName2 secondKS -certificateAlaisList2 certAlis]')
AdminTask.exchangeSigners(['-keyStoreName1', 'testKS', '-certificateAliasList1', 'testCert1', '-keyStoreName2', 'secondKS', '-certificateAlaisList2', 'certAlis'])
Interactive mode example usage:
$AdminTask exchangeSigners {-interactive}
AdminTask.exchangeSigners('-interactive')
The getKeyStoreInfo command displays the settings of a particular keystore.
Required parameters
Optional parameters
Examples
Batch mode example usage:
$AdminTask getKeyStoreInfo {-name testKS}
AdminTask.getKeyStoreInfo('[-name testKS]')
AdminTask.getKeyStoreInfo(['-name', 'testKS'])
Interactive mode example usage:
$AdminTask getKeyStoreInfo {-interactive}
AdminTask.getKeyStoreInfo('-interactive')
The listKeyFileAliases command lists the certificates in a keystore file.
Required parameters
Optional parameters
None.Examples
Batch mode example usage:
$AdminTask listKeyFileAliases {-keyFilePath c:/temp/testKeyFile.p12 -keyFilePassword testPwd -keyFileType PKCS12}
$AdminTask listKeyFileAliases {-keyFilePath /temp/testKeyFile.p12 -keyFilePassword testPwd -keyFileType PKCS12}
AdminTask.listKeyFileAliases('[-keyFilePaht c:/temp/testKeyFile.p12 -keyFilePassword testPwd -keyFileType PKCS12]')
AdminTask.listKeyFileAliases('[-keyFilePaht /temp/testKeyFile.p12 -keyFilePassword testPwd -keyFileType PKCS12]')
AdminTask.listKeyFileAliases(['-keyFilePaht', 'c:/temp/testKeyFile.p12', '-keyFilePassword', 'testPwd', '-keyFileType', 'PKCS12'])
AdminTask.listKeyFileAliases(['-keyFilePaht', '/temp/testKeyFile.p12', '-keyFilePassword', 'testPwd', '-keyFileType', 'PKCS12'])
Interactive mode example usage:
$AdminTask listKeyFileAliases {-interactive}
AdminTask.listKeyFileAliases('-interactive')
The listKeyStores command lists the keystore for a particular scope.
Required parameters
None.Optional parameters
Examples
Batch mode example usage:
$AdminTask listKeyStores
AdminTask.listKeyStores()
Interactive mode example usage:
$AdminTask listKeyStores {-interactive}
AdminTask.listKeyStores('-interactive')
The listKeyStoreTypes command lists all valid keystore types.
Required parameters
None.Optional parameters
None.Examples
Batch mode example usage:
$AdminTask listKeyStoreTypes
AdminTask.listKeyStoreTypes()
Interactive mode example usage:
$AdminTask listKeyStoreTypes {-interactive}
AdminTask.listKeyStoreTypes('-interactive')
Required parameters
Optional parameters
Examples
Batch mode example usage:
$AdminTask modifyKeyStore {-keyStoreName CellDefaultKeyStore -keyStoreLocation c:/temp/testKeyFile.p12 -keyStoreType JCEKS -keyStorePassword my1password}
$AdminTask modifyKeyStore {-keyStoreName CellDefaultKeyStore -keyStoreLocation /temp/testKeyFile.p12 -keyStoreType JCEKS -keyStorePassword my1password}
AdminTask.modifyKeyStore('-keyStoreName CellDefaultKeyStore -keyStoreLocation c:\temp\testKeyFile.p12 -keyStoreType JCEKS -keyStorePassword my1password')
AdminTask.modifyKeyStore('keyStoreName CellDefaultKeyStore -keyStoreLocation /temp/testKeyFile.p12 -keyStoreType JCEKS -keyStorePassword my1password')
Interactive mode example usage:
$AdminTask modifyKeyStore {-interactive}
AdminTask.modifyKeyStore('-interactive')