This article introduces how to change the keystore file password after keystore has been created. 

To enable SSL in CA PPM, one of mandatory steps is to create the SSL key pair and keystore file which is to store key pair. A user may either use the default keystore carried by the application or create a new keystore.

Due the security reasons, keystore file and key pair in it are usually protected by the password which is set as 'keystore' in  default keystore file included standard within the application, or <password> which is specified with keytool command line parameter '-storepass <password>' if creating a new keystore.

Sometimes, user would like to change this password to some other value after keystore file is created. In such scenario, please refer to below instruction to change both keystore password and key pair password to new value and ensure they are identical because Clarity only accept one password to access both keystore file and key pair.

Step 1: change keystore password
keytool -storepasswd -storepass <old store password, default one is keystore> -new <new password> -keystore <keystore file full path>

Step 2: change key pair password
keytool -keypasswd -keypass <old store password, default one is keystore> -new <new password> -storepass <latest key store password set in previous command> -keystore <keystore file full path>

If password passed to -keypass and -storepass are different, you may see 'this page can't be displayed' error when accessing CA PPM Application Server over HTTPS.