Starting in ThingWorx 8.0, Application keys are now encrypted and stored in the database. The Key used to encrypt the Application key id value is stored in /ThingworxStorage/Keystore.jks and the password for the keystore is stored in /ThingworxPlatform/keystore-password. These files are created automatically by ThingWorx and unique to that instance.


ThingWorx 8.1

In addition to the handling application key decryption, the Instance device ID is also stored in keystore.jks. To properly configure an HA landscape using ThingWorx 8.1, consider either;

  1. In a dark Site scenario, copying the license_capability_response.bin from the primary lead server to the ThingworxPlatform folder of all slave instances
  2. In a connected scenario, removing or renaming the existing capability response on the slave servers after replacing the keystore.jks and password-keystore to automatically retrieve a new capability response based on the encrypted device ID


Failure to do so will result in a Host ID mismatch error

[message: Trusted storage hostid does not match system hostid.]