No announcement yet.

How do we edit keystore.jks without Mirth Connect Administrator?

  • Filter
  • Time
  • Show
Clear All
new posts

  • How do we edit keystore.jks without Mirth Connect Administrator?

    Our security team recently added an internal self-signed certificate to our development SQL-Server, which is the DBMS our dev Mirth Connect uses. After they did this, SQL-Server was rebooted and immediately our Mirth Connect service stopped running because it could no longer connect to its database. The Mirth Connect log shows an error that verifies that certificate credentials are the issue.

    The security folks think they can fix this if they can add the new cert info to a keystore.jks file that will get used for the connection. This precipitated a couple of questions:

    1) We can't edit appdata/keystore.jks thru Mirth Connect Administrator since we can't boot Mirth Connect. Our security admins tried to edit Mirth's keystore.jks thru a tool of their own but were not able to do so because they didn't know Mirth's password to the keystore file. Is this publicly known and published somewhere? (We do not have a support agreement, so we have no one at Mirth Corp to ask for the password.)

    2) If the password isn't available, does Mirth Connect require that the keystore.jks in the appdata folder be used, or can it be configured to use a Windows level keystore.jks? If yes, how can this be configured without access to Mirth Connect Administrator?

  • #2
    The store and key passwords to the keystore are located in And yes, in that properties file you can point to whatever JKS file you wish.

    If you want the public/private keypair in that keystore to be used by default for mutual auth on outgoing connections by the JVM, you can edit the vmoptions file to set the default keystore and storepass.
    Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

    Nicholas Rupley
    Work: 949-237-6069
    Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.

    - How do I foo?
    - You just bar.


    • #3
      Thanks, that was a quick reply!

      As it happens, I discovered the keystore section in just before I read your response, but I'm glad you confirmed what I found.