I solved it by using the default password for cacerts keystore : 'changeit'

This answer will be helpful for new Mac User (Works for Linux, Window 7 64 bit too).

Empty Password worked in my mac . (paste the below line in terminal)

keytool -list -v -keystore ~/.android/debug.keystore

when it prompt for

Enter keystore password:  

just press enter button (Dont type anything).It should work .

Please make sure its for default debug.keystore file , not for your project based keystore file (Password might change for this).

Works well for MacOS Sierra 10.10+ too.

I heard, it works for linux environment as well. i haven't tested that in linux yet.

From your description I assume you are on windows machine and your home is abc

So Now : Cause

When you run this command

keytool -genkey -alias tomcat -keyalg RSA

because you are not specifying an explicit keystore it will try to generate (and in your case as you are getting exception so to update) keystore C:\users\abc>.keystore and of course you need to provide old password for .keystore while I believe you are providing your version (a new one).

Solution

1. Either delete .keystore from C:\users\abc> location and try the command

2. or try following command which will create a new xyzkeystore:

   keytool -genkey -keystore xyzkeystore -alias tomcat -keyalg RSA

Note: -genkey is old now rather use -genkeypair althought both work equally.