VMware vSphere Replication 8.6

9.0 8.8 8.7 8.6
简体中文 Deutsch Español Français Italiano 日本語 한국어 繁體中文 English

Change the Keystore Passwords of the
vSphere Replication
 Appliance

To increase security, you can change the passwords of the
vSphere Replication
 appliance keystore. If you copy the keystores from the appliance to another machine, you must change the passwords before the copy operation.
The keystore passwords might be stored in an access restricted configuration file.
vSphere Replication
 has the following keystores:
  • /opt/vmware/hms/security/hms-keystore.jks
    , which contains the
    vSphere Replication
     appliance private key and certificate.
  • /opt/vmware/hms/security/hms-truststore.jks
    , which contains additional CA certificates besides the ones that Java already trusts.
  1. To change the password for the
    hms-keystore.jks
     keystore, open the remote console of your
    vSphere Replication
     virtual machine and log in as root.
  2. Obtain the current keystore password. 
    # /opt/vmware/hms/bin/hms-configtool -cmd list | grep keystore
    Example of the output
    hms-keystore-password =
    old_password
  3. Change the keystore password. 
     # /usr/java/default/bin/keytool -storepasswd -storepass old_password -new new_password -keystore /opt/vmware/hms/security/hms-keystore.jks
  4. Change the
    vSphere Replication
     appliance private key password.
    The following command is a long, single command and must be run at once. There are breaks in the command for better visibility. Verify that the command returns a success message. 
    # /usr/java/default/bin/keytool -keypasswd -alias jetty -keypass
old_password -new new_password -storepass new_password -keystore
/opt/vmware/hms/security/hms-keystore.jks
  5. Update the configuration with the new password. 
    /opt/vmware/hms/bin/hms-configtool -cmd reconfig -property 'hms-keystore-password=new_password'
  6. Update the tomcat
    server.xml
     file with the new password. 
    sed -i 's/old_password/new_password/g' /var/opt/apache-tomcat/webapps/dr/WEB-INF/classes/h5dr.properties
  7. Reboot the appliance for the changes to take effect. 
    # reboot
  8. Use a supported browser to log in to the
    VRMS Appliance Management Interface
    .
    The URL for the
    VRMS Appliance Management Interface
     is https://
    vr-appliance-address
    :5480.
  9. Click
    Configure
    , and click
    Restart
    .
If you want to change the truststore passwords of the
vSphere Replication
 appliance, see Change the Truststore Passwords of the vSphere Replication Appliance.

Content feedback and comments