OUD12c How to Obtain the Clear Text Value of the Attributes "ds-cfg-key-store-pin" and "ds-cfg-trust-store-pin" for the Key Manager and Trust Manager Providers using the Switch "--showKeystorePassword" (Doc ID 2982232.1)

Last updated on MAY 23, 2024

Applies to:

Goal

How to obtain the clear text value of the attribute key-store-pin for the "Key Manager Providers" and the "Trust Manager Providers"

Please be aware this applies only to OUD12.2.1.4.210406 BP and greater.

- For reference

Updates in April 2021 Documentation Refresh for 12c Release (12.2.1.4.0)

Keystore and Truststore Enhancements

This release onwards the pin to keystores and truststores will not be stored in PIN files. Instead it will be stored in encrypted form in the corresponding configuration entry within Oracle Unified Directory. For details about keystores, see Configuring Key Manager Providers. For details about truststores, see Configuring Trust Manager Providers.

The dsconfig utility is enhanced to include a new argument --showKeystorePassword to retrieve the password for the keystore or trustore. When you run the dsconfig utility by passing the --showKeystorePassword argument, the password is decrypted and is displayed in clear text on the terminal. You can no longer obtain the password directly from the PIN file. For details about the --showKeystorePassword argument, see dsconfig.
<SNIPPED>

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.