To increase security, you can change the passwords of the vSphere Replication appliance truststore.
The truststore passwords might be stored in an access restricted configuration file.
- To change the password for the hms-truststore.jks keystore, open the remote console of your vSphere Replication virtual machine and log in as root.
- Obtain the current truststore password.
# /opt/vmware/hms/bin/hms-configtool -cmd list | grep truststoreExample of the output:
hms-truststore-password = old_password
- Change the truststore password.
The following command is a long, single command and must be run at once. There are breaks in the command for better visibility. Verify that the command returns a success message.
# /usr/java/default/bin/keytool -storepasswd -storepass old_password -new new_password -keystore /opt/vmware/hms/security/hms-truststore.jks
- Update the configuration with the new password.
/opt/vmware/hms/bin/hms-configtool -cmd reconfig -property 'hms-truststore-password=new_password'
- Restart the vSphere Replication service.
# service hms restart
What to do next
If you want to change the keystore passwords of the vSphere Replication appliance, see Change the Keystore Passwords of the vSphere Replication Appliance.