IM fails to start after updating SSL Certificates with Caused by: java.security.UnrecoverableKeyException: Cannot recover key in logs


Article ID: 405318

Updated On:

Products

CA Identity Suite

Issue/Introduction

After updating the certificates for Identity Manager and Identity Portal in a VAPP deployment, both applications failed to start with the following error message:

2025-07-22 11:13:37,086 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([
    ("core-service" => "management"),
    ("security-realm" => "WebSslRealm")
]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.core.management.security.realm.WebSslRealm.key-manager" => "WFLYDM0018: Unable to start service
    Caused by: java.security.UnrecoverableKeyException: Cannot recover key"}}

Cause

This was caused by a mismatch between the PRIVATEKEY and the KEYSTORE passwords. They should be the same password.

Resolution

Update the keystore so that the PRIVATEKEY (keypass) and the KEYSTORE (storepass) passwords match.

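The following example will set both passwords to 'examplepassword' on VAPP Identity Manager node 1. Here {currentkeypassword} stands for the private key's existing password, and 'examplepassword' is already the keystore password:

keytool -keypasswd -alias {aliasname} -keystore {keystorename} -storepass examplepassword -keypass {currentkeypassword} -new examplepassword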
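
A check that can be run before restarting the services, to confirm that the private key is recoverable with the keystore password. This is an added example, not part of the original article or of the vendor's tooling; the function name, the KS_PASS variable and the return codes are assumptions of the example.

```shell
#!/bin/sh
# Added example (not vendor code). The function name, the KS_PASS variable
# and the return codes are this example's own conventions.
#
# check_key_password <keystore> <alias>
#   KS_PASS must hold the keystore password (read by keytool via :env, so it
#   never appears on a command line).
# Returns:
#   0  private key is recoverable with the keystore password
#   1  private key is not recoverable with the keystore password (or the
#      alias is not a private-key entry): startup would fail with
#      "UnrecoverableKeyException: Cannot recover key"
#   2  keystore unreadable, keystore password wrong, or alias not found
#   3  missing argument, KS_PASS unset, or keytool not on PATH
check_key_password() {
    [ -n "${1:-}" ] && [ -n "${2:-}" ] && [ -n "${KS_PASS:-}" ] || return 3
    command -v keytool >/dev/null 2>&1 || return 3
    export KS_PASS

    # Step 1: the keystore password and alias must be valid on their own.
    keytool -list -keystore "$1" -alias "$2" \
        -storepass:env KS_PASS >/dev/null 2>&1 || return 2

    # Step 2: -certreq has to read the private key to sign a request, so it
    # fails when the key password is not the keystore password. The request
    # is discarded and the keystore is not modified.
    keytool -certreq -keystore "$1" -alias "$2" \
        -storepass:env KS_PASS -keypass:env KS_PASS >/dev/null 2>&1 || return 1

    return 0
}

# Example call (path and alias are placeholders):
#   KS_PASS='...' ; export KS_PASS
#   check_key_password /path/to/keystore.jks aliasname && echo "safe to restart"
```
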