Tungsten uses a keypair to enable HTTPS and to secure the user passwords within tungsten.
When you use Tungsten in production its STRONGLY recommended that you change the default keys that are shipped with Tungsten.
It should be noted that the RSA algorithm must be used to generate the key pair and the alias of it must be "tungsten". The following command can be used to create the above keystore
$ keytool -genkey -alias tungsten -keyalg RSA -keystore tungsten.jks -storepass tungsten
This will prompt for a series of questions as shown below:
What is your first and last name? [Unknown]: John Smith What is the name of your organizational unit? [Unknown]: Accounts What is the name of your organization? [Unknown]: ABC What is the name of your City or Locality? [Unknown]: Colombo What is the name of your State or Province? [Unknown]: Western What is the two-letter country code for this unit? [Unknown]: LK Is CN=John Smith, OU=Accounts, O=ABC, L=Colombo, ST=Western, C=LK correct? [no]: yes Enter key password for(RETURN if same as keystore password):
Now you will see a file with the name "tungsten.jks" created in the place where you executed the above command.
Now you can simply replace the tungsten-@tungsten_version@/conf/tungsten.jks with this new tungsten.jks file that you just created.
Since this keypair is used to secure the passwords of Tungsten users as well now we have to reset the passwords of all users.
You MUST use the chpasswd utility provided with Tungsten to reset passwords.
Please refer to the chpasswd documentation and makesure you set the password of the "admin" user first.If you want to change the keystore file name, location, keystore password or the key password :