Default Java Keystore Password

1. Keystore in Java
2. Change Keystore Password in Java

This tutorial will walk you through changing your Java keystore password. But before we go any further, we need to have a basic understanding of keystore, so let’s look at it.

Keystore in Java

A keystore is a repository that may store private keys, certificates, and symmetric keys. Generally, this is a file; however, the storage may also be handled in various methods, such as using a cryptographic token or utilizing the operating system’s mechanism.

Java has a keystore file located at JAVA_HOME/jre/lib/security/cacerts, by default. We can access this keystore using the default keystore password changeit.

Change Keystore Password in Java

We can change the default password for the keystore in the following way.

1. Open cmd and write echo %PATH% to check if your keystore path is added or not.

   In our case, the keystore cacerts path is the following.

   C :\Program Files\Java\jdk - 18.0.2\lib\security\cacerts
   

2. Type the following command.

   C :\Program Files\Java\jdk - 18.0.2\lib\security\keytool - storepasswd - v - new shanii_one
       - keystore cacerts
   

   shanii_one is the new password, and the cacerts file is where the keystore is saved.

3. At the prompt that asks for the keystore password, type the current password, which is changeit by default, and then press Enter.

   Enter keystore password : changeit
   

4. Cacerts has been updated with the new password.

   It is highly recommended that we change the password for a private key to be identical to the password for the keystore because many tools will not function properly if the two passwords are different.