keytool -importpass -storetype pkcs12 -alias myentry -keystore password-store.p12
keytool -list -keystore password-store.p12 -storetype pkcs12/subsystem=elytron/credential-store=mycs:add(relative-to=jboss.server.data.dir, location=example.jceks,create=true,credential-reference={clear-text=mypwd})
/subsystem=elytron/credential-store=mycs:add-alias(alias=myEntry,secret-value=mysecretpwd)
/subsystem=elytron/credential-store=mycs:read-aliases() <credential-store name="cs12" relative-to="jboss.server.data.dir" location="password-store.p12" create="true">
<implementation-properties>
<property name="keyStoreType" value="PKCS12"/>
</implementation-properties>
<credential-reference clear-text="MASK-Bmfq4mvDV7F;A1B2C3D4;351"/>
</credential-store>elytron-tool.bat mask -i 351 -s A1B2C3D4 -x mypwd <datasource jndi-name="java:/jdbc/myDS" pool-name="MySqlDS">
<connection-url>jdbc:mysql://localhost:3306/test</connection-url>
<driver>mysql</driver>
<security>
<user-name>rik</user-name>
<credential-reference store="cs12" alias="dbpwd"/>
</security> public static void main(String[] args) throws Exception {
KeyStore keyStore = KeyStore.getInstance("pkcs12");
char[] pwdArray = "mypwd".toCharArray();
keyStore.load(new FileInputStream("password-store.p12"), pwdArray);
SecretKeyEntry ske = (SecretKeyEntry) keyStore.getEntry("myentry", new KeyStore.PasswordProtection(pwdArray));
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE");
PBEKeySpec keySpec = (PBEKeySpec)factory.getKeySpec(ske.getSecretKey(), PBEKeySpec.class);
System.out.println(new String(keySpec.getPassword()));
}