How to migrate keystore generated with IBM keytool to oracle standard keystore

0
votes

I am trying to migrate a web application from Websphere Application server to Websphere Liberty Profile(WLP). The application is doing some encrypting/decryption using a secret key stored in a keystore. This keystore was generated long time ago using keytool program coming from an IBM JDK.

Now, migrating the code to WLP means it will now run under a standard, Oracle JVM, which is unable to read the old keystore file (throws java.io.IOException: Invalid secret key format).

My question is how can i migrate the keystore file, keeping the original secret key, to a format that the Oracle JVM will be able to read.

1
javaencryptionkeystorewebsphere-libertykeytool
What file format is used. What JVM version is used. How is Liberty configured to use the keystore? Why does moving to WLP require you to run an Oracle Java? WLP will run on IBM Java, Oracle Java and OpenJDK so there shouldn't be a requirement to change Java. - Alasdair
keystore type is : jceks <br/> jvm version: 1.8 how is keystore used: loaded programatically in java code - mihais

1 Answers

0
votes

I was living with the wrong idea that WLP only runs with standard Oracle JVM, but as pointed by Alasdair, WLP can be configured to run with JVMs from other vendors. So i fixed the problem by running WLP with the IBM JVM (configuration done in server.env) which could correctly read the keystore file.