To increase security, you can change the passwords of the vSphere Replication appliance truststore.

The truststore passwords might be stored in an access restricted configuration file.

Procedure

  1. To change the password for the hms-truststore.jks keystore, open the remote console of your vSphere Replication virtual machine and log in as root.
  2. Obtain the current truststore password. 
    # /opt/vmware/hms/bin/hms-configtool -cmd list | grep truststore
    Example of the output: hms-truststore-password = old_password
  3. Change the truststore password.
    The following command is a long, single command and must be run at once. There are breaks in the command for better visibility. Verify that the command returns a success message. 
    # /usr/java/default/bin/keytool -storepasswd -storepass
old_password -new new_password -keystore
/opt/vmware/hms/security/hms-truststore.jks
  4. Update the configuration with the new password. 
    /opt/vmware/hms/bin/hms-configtool -cmd reconfig -property 'hms-truststore-password=new_password'
  5. Restart the vSphere Replication service. 
    # service hms restart

What to do next

If you want to change the keystore passwords of the vSphere Replication appliance, see Change the Keystore Passwords of the vSphere Replication Appliance.