If you re-encrypt the keystore while the server is using it,
something is likely to fail. I assume the server doesn't open
the keystore file, read the entire keystore into memory, and
close the file; if it did, you couldn't add entries (e.g., a
new password alias) to the keystore without restarting the server.
I suppose you could change the implementation so that the server
does the work of re-encrypting the keystore if it's running, so
that the server would have the new master password. But then you'd
have to communicate the new master password to the server without
sending it over the network and without storing it in a file. All
possible, but getting complicated.
Bhakti Mehta wrote on 12/17/10 10:52 AM:
> Hi all,
> I wanted to know about the following if you have history for it.
>
> change-master-password command requires the DAS to be down before changing the
> password. Do you know why was that case.
>
> For change-master-password to work with instances would we require that the
> instances be down?
>
>
> Please can you comment. I will follow up with more questions as I understand the
> code better
> Regards,
> Bhakti