JRS 7.5.0 - Export/Import - Keytool issue

[yann22580]

On 2 JasperReports Server 7.5.0 environments I need to export from one to import on the 2nd.

The answer should be here (or in the security guide) : https://community.jaspersoft.com/documentation/tibco-jasperreports-server-security-guide/v7/using-custom-keys

If I understand correctly I have 2 files in my home directory (.jrsks and jrsksp) from the installation.

But to build a new same key to share in your 2 environments you need to generate it like this, cf security guide : (keytool command is in jasper/java/bin directory)

keytool -genseckey -keystore C:users<you> -storetype jceks -storepass storepw -keyalg AES -keysize 128 -alias importExportEncSecret -keypass myimportexportpw

 Problem is I get an error : erreur keytool : java.io.IOException: Keystore was tampered with, or password was incorrect

Is anyone have an idea ? I am blocked to import new reports or updates on production environment (it was not planned to migrate to version 7.5.0 before the tests...)

Thanks guys,

Yann

[yann22580]

I thought I got the error because I was trying to use "-keystore C:Users<myname>" so I changed it to :

keytool -genseckey -keystore C:Jaspersoftjasperreports-server-cp-7.5.0buildomatic.jrsks -storetype jceks -storepass storepw -keyalg AES -keysize 128 -alias importExportEncSecret -keypass myimportexportpw[/code]

The command generates a .jrsks file but I have a warning :

"The JCEKS file use a proprietary format. you should migrate to PKCS12 wich is a standard format using

"keytool -importkeystore -srckeystore C:Jaspersoftjasperreports-server-cp-7.5.0buildomatic.jrsks -destkeystore C:Jaspersoftjasperreports-server-cp-7.5.0buildomatic.jrsks -deststoretype pkcs12"

I did nothing for the warning this time and I just tried to list the key in the keystore : keytool -list -v -keystore C:Jaspersoftjasperreports-server-cp-7.5.0buildomatic.jrsks -storetype jceks

It asks me for the keyfile password, so I wrote 'myimportexportpw' (isn't it?) but I still have the same issue :

"erreur keytool : java.io.IOException: Keystore was tampered with, or password was incorrect "

Yeah, great... I understand 'myimportexportpw' is used as an ecryption key but there is no password to list the keys in the keystore, just type 'enter'..

Then I js-import my .jrsks on the Windows and Linux environments and import my report (new export because of the new key) on the linux one, success!