This takes a 2 step approach where the cached password is removed during migration (which ends up running during the RPM installation). The installer then handles replacing the stores when it really runs.
Related issues
Bug #36760: CVE-2023-4886: World readable tomcat server.xml contains passwords
Added by Ewoud Kohl van Wijngaarden 8 months ago
Refs #36760 - Reset candlepin key- and truststore
This takes a 2 step approach where the cached password is removed during
migration (which ends up running during the RPM installation). The
installer then handles replacing the stores when it really runs.