cancel
Showing results for 
Search instead for 
Did you mean: 

Anyone know what a KeyStore Password file is?

Hennepin-JB
Level 3

If I want to install my own "3rd Party" certificate for the Web Management Console (aka "the Modern UI"), the documentation at https://www.veritas.com/support/en_US/doc/21733320-132525226-0/v133148073-132525226 says I need to generate a Java Keystore file and a "keystore password file".  

The Java Keystore isn't a big deal, Oracle's documentation on how to create a keystore, give it a password, and store a certificate in it is good enough.  But I can't find anything that leads me to believe that a "keystore password file" is than the figment of the imaginations of several people at Veritas.

Who else has installed a third party certificate for the 8.1.2 modern web UI?  And how did you create the keystore password file?

9 REPLIES 9

RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified

Am I correct in assuming that your question relates to steps 2 and 3 shown below and the fact that, unless you're specifically familiar with these concepts, "Convert the third-party certificate" & "Create a keystore password file" are not tasks that you can easily perform on your master server unless you know anything about security and certificates? 

  1. Ensure that you have a valid third-party certificate and a matching private key.
  2. Convert the third-party certificate and the private key into a password-protected Java KeyStore file.
  3. Create a keystore password file that contains the password, which can be used to access the Java KeyStore file.

 

Yes, that's what I'm asking.  And while it's not somehting I do every day, I'm not a complete noob when it comes to PKI and SSL certificates.  I just don't deal with Java development, so a Keystore is new to me.

I can do a CSR and get a cert from my local Windows CA, but seriously, try a Google search of "Keystore Password file" there are no relevent search results.

 

RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified

Well I am a noob in this domain. My point being that the documentation should be a bit more helpful and not assume that everybody knows everything about everything.

I agree with you completely about the documentation.

X2
Moderator
Moderator
   VIP   

Just to chime in, last week I was reading the Administrator Guide I and on less than 2 hours I noticed 3 errors that confused me. Ended up wasting lot more time trying to verify that the problem was not my understanding but the documentation itself. The quality of documentation definitely needs to improve for NetBackup.

A couple of weeks ago, at Microsoft Ignite, I happened to meet a Senior Product Manager from Veritas, and when asked about what I thought could be improved about NBU, documentation was one of my key points.

But I'd still really like an answer to my original question.

PJOGC
Level 1

Did you find a solution for creating a password file?

Nope, I haven't found a solution on my own.  If I happen to find something, or am provided a solution outside of this forum, I'll post it here.

The keystore password file is just a file containing the password to access JAVA keystore file. It could be any name or extension 

 

For Example:

To import the CA certificate I would use the below keytool 

keytool -importcert -noprompt -trustcacerts  -file certificate.crt -keystore test.jks -storepass password2 -alias testCA

 

So my password file would be any file which contains the text as  - "password2" in it (without quotes)

Let me know if you face any issues or need any help with any commands while trying to setup the 3rd party certificates and I can try to help you out