System Administration Guide: Security Services

Procedure: How to Generate a Passphrase by Using the pktool setpin Command

You can generate a passphrase for an object in a keystore, and for the keystore itself. The passphrase is required to access the object or keystore. For an example of generating a passphrase for an object in a keystore, see Example 15–4.

  1. Generate a passphrase for access to a keystore.


    % pktool setpin keystore=nss|pkcs11 dir=directory
    
  2. Answer the prompts.

    If the keystore does not already have a password set, press the Return key at the first prompt to create the password.


    Enter current token passphrase: Press the Return key
    Create new passphrase: Type the passphrase that you want to use
    Re-enter new passphrase: Retype the passphrase
    Passphrase changed.

    The keystore is now protected by a passphrase. If you lose the passphrase, you lose access to the objects in the keystore.


Example 15–5 Protecting a Keystore With a Passphrase

The following example shows how to set the passphrase for an NSS database. Because no passphrase has been created, the user presses the Return key at the first prompt.


% pktool setpin keystore=nss dir=/var/nss
Enter current token passphrase: Press the Return key
Create new passphrase:    has8n0NdaH
Re-enter new passphrase:  has8n0NdaH
Passphrase changed.