cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Do the keystore.pfk and the keystore-password change after the initial installation.

SOLVED
saguiarde
Granite

Do the keystore.pfk and the keystore-password change after the initial installation.

Hello all, 

 

We are running TWX 8.4 on a Kubernetes environment. We want to if the following files remain constant after the initial installation? 

  • \\ThingworxPlatform\keystore-password
  • \\ThingworxStorage\keystore.pfx

I am aware that after an application key has been created, it uses the symmetric key stored in \\ThingworxStorage\keystore.pfx. When it uses, does the file get updated?

 

Thanks

 

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Do the keystore.pfk and the keystore-password change after the initial installation.

Hi Saguiarde

 

Can you give more details aobut initial installation? 

 

Below comment is from ThingWorx 8 help center. It point out clearly that if user need to maintain TW instance, they should keep /ThingworxStorage/keystore.jks and /ThingworxPlatform/keystore-password so created application Keys can be correctly decrpted. On the opposite, if those 2 files do not exist, TW server will create new files with new symmetric key, in this case decryption of existing appliation keys would fail.

 

http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FComposer%2FSecur...

The keyID is stored encrypted in the database. The symmetric key used to encrypt the value is stored in /ThingworxStorage/keystore.jks, and the password for the keystore is stored in /ThingworxPlatform/keystore-password. If these files do not exist, they will be generated. If a symmetric key does not exist, one will be created before the system starts. If you are installing and maintaining the ThingWorx server, make sure to keep these files. If the files are lost, the application keys do no function, meaning the value cannot be encrypted during the system start, and the existing application keys can no longer be saved or authenticated.

 

Let me know if above answer your question or not.

View solution in original post

1 REPLY 1

Re: Do the keystore.pfk and the keystore-password change after the initial installation.

Hi Saguiarde

 

Can you give more details aobut initial installation? 

 

Below comment is from ThingWorx 8 help center. It point out clearly that if user need to maintain TW instance, they should keep /ThingworxStorage/keystore.jks and /ThingworxPlatform/keystore-password so created application Keys can be correctly decrpted. On the opposite, if those 2 files do not exist, TW server will create new files with new symmetric key, in this case decryption of existing appliation keys would fail.

 

http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FComposer%2FSecur...

The keyID is stored encrypted in the database. The symmetric key used to encrypt the value is stored in /ThingworxStorage/keystore.jks, and the password for the keystore is stored in /ThingworxPlatform/keystore-password. If these files do not exist, they will be generated. If a symmetric key does not exist, one will be created before the system starts. If you are installing and maintaining the ThingWorx server, make sure to keep these files. If the files are lost, the application keys do no function, meaning the value cannot be encrypted during the system start, and the existing application keys can no longer be saved or authenticated.

 

Let me know if above answer your question or not.

View solution in original post

Announcements

Check out the upcoming Expert Session: Understanding ThingWorx Navigate Licensing in Community "Customer Events" section.