How do I get into a non-password protected Java keystore or change the password?

JavaKeystoreKeytoolAtlassian Fisheye

Java Problem Overview

I'm trying to import a trusted certificated into the Java cacerts keystore, but I have a problem. I tried to list existing trusted certificates and it seems that the keystore isn't password protected.

$ keytool -list -keystore cacerts
Enter keystore password:

*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in your keystore  *
* has NOT been verified!  In order to verify its integrity, *
* you must provide your keystore password.                  *
*****************  WARNING WARNING WARNING  *****************

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 76 entries

I tried to import a trusted certificate:

$ keytool -importcert -alias "JiraCert" -file /root/c9ssl.crt -keystore /etc/java-6-sun/security/cacerts
Enter keystore password:  
Keystore password is too short - must be at least 6 characters
Enter keystore password:  
Keystore password is too short - must be at least 6 characters
Enter keystore password:  
Keystore password is too short - must be at least 6 characters
Too many failures - try later

I also tried to change the password from "none" to something:

$ keytool -storepasswd -keystore cacerts.back
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Enter keystore password:
Keystore password is too short - must be at least 6 characters
Too many failures - try later

Java Solutions

Solution 1 - Java

> which means that cacerts keystore isn't password protected

That's a false assumption. If you read more carefully, you'll find that the listing was provided without verifying the integrity of the keystore because you didn't provide the password. The listing doesn't require a password, but your keystore definitely has a password, as indicated by:

> In order to verify its integrity, you must provide your keystore password.

Java's default cacerts password is "changeit", unless you're on a Mac, where it's "changeme" up to a certain point. Apparently as of Mountain Lion (based on comments and another answer here), the password for Mac is now also "changeit", probably because Oracle is now handling distribution for the Mac JVM as well.

Solution 2 - Java

The password of keystore by default is: "changeit". I functioned to my commands you entered here, for the import of the certificate. I hope you have already solved your problem.

Solution 3 - Java

In case if dealing with Google sign-in for android, the password for the debug keystore is android, as specified in here: https://developers.google.com/android/guides/client-auth

Solution 4 - Java

Mac Mountain Lion has the same password now it uses Oracle.

Solution 5 - Java

Getting into a non-password protected Java keystore and changing the password can be done with a help of Java programming language itself.

That article contains the code for that:

thetechawesomeness.ideasmatter.info

Categories
Recommended Java Solutions
Recommended Keystore Solutions
Recommended Keytool Solutions

Previous Solution:

How to display loading message when an iFrame is loading?

JavascriptJqueryIframe

Next Solution:

Objective-C: Property / instance variable in category

Objective CCategories

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionEslamView Question on Stackoverflow
Solution 1 - JavaRyan StewartView Answer on Stackoverflow
Solution 2 - JavaGeoKlarView Answer on Stackoverflow
Solution 3 - JavaegoView Answer on Stackoverflow
Solution 4 - JavabbaassssiieeView Answer on Stackoverflow
Solution 5 - JavaOleksii KyslytsynView Answer on Stackoverflow