---
title: PKCS#12 keystore
description: The API Security Enforcer (ASE) ships with a default PKCS#12 keystore.
component: pingintelligence
version: 5.2
page_id: pingintelligence:pingintelligence_reference_guide:pingintelligence_keystore
canonical_url: https://docs.pingidentity.com/pingintelligence/5.2/pingintelligence_reference_guide/pingintelligence_keystore.html
revdate: April 3, 2024
---

# PKCS#12 keystore

The API Security Enforcer (ASE) ships with a default PKCS#12 keystore.

The default password is `asekeystore`. The default password is obfuscated and configured in the `ase.conf` file.

For security reasons, you must update the default PKCS#12 keystore password by using the `update_keystore_password` command.

```
/opt/pingidentity/ase/bin/cli.sh update_keystore_password -u admin -p admin
New password >
New password again >
keystore password updated
```

The password is updated and obfuscated at the same time.

|   |                                                      |
| - | ---------------------------------------------------- |
|   | ASE must be running to update the keystore password. |