Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

If the WSO2 Security Management feature is installed in your product, you can manage the keystores using the Management Console. In order to do this, all the required keystore files should first be created and stored in the <PRODUCT_HOME>/repository/resources/security/ directory.  See the related topics for more information.

Info

The default wso2carbon.jks keystore cannot be deleted. 

Adding keystores

Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon keystore management provides the ability to manage multiple keystores. Follow the instructions below to add a new keystore to your product using the Management Console.

  1. Log in to the WSO2 product with your user name and password.
  2. Go to the Configure tab and click Key Stores.
  3. The Key Store Management page appears. Click the Add New Key store link to open the following screen:
  4. Specify the Provider and the Keystore Password, which points to the password required to access the private key.
  5. In the Keystore Type field, specify whether the keystore file you are uploading is JKS or PKCS12.
    • JKS (Java Key Store): Allows you to read and store key entries and certificate entries. However, the key entries can store only private keys.
    • PKCS12 (Public Key Cryptography Standards): Allows you to read a keystore in this format and export the information from that keystore. However, you cannot modify the keystore. This is used to import certificates from different browsers into your Java Key store.
  6. Click Next and on the next page, provide the Private Key Password.
  7. Click Finish to add the new keystore to the list.

Viewing keystores

Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon keystore management provides the ability to view keystores using the Management Console. Follow the instructions below to view a keystore.

  1. Log in to the WSO2 product with your user name and password.
  2. Go to the Configure tab and click Key Stores.
  3. The Key Store Management page appears. All the keystores that are currently added to the product will be listed here as follows:
     
  4. Click View in the list of actions. The View Key Store screen shows information about the available certificates.

    It also displays information about private key certificates:
  5. Click Finish to go back to the Key Store Management screen.

Importing certificates to keystore

Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon keystore management provides the ability to import certificates for keystores. Follow the instructions below to import a certificate for a keystore.

  1. Log in to the WSO2 product with your user name and password.
  2. Go to the Configure tab and click Keystores.
  3. The Keystore Management page appears. All the keystores that are currently added to the product will be listed here as follows:
  4. Click Import Cert associated with the keystore for which you want to import a certificate.
  5. The available certificates are already listed on the Import Certificates screen. Click Browse to find the location of the new certificate that you want to import.
  6. Once you have selected the certificate, click Import.
  7. Once a certificate is imported successfully, you will see the following confirmation:

    Click OK.
  8. The imported certificate appears in the list of Available Certificates. In the example shown below, the "GeoTrust_Global_CA" certificate was imported.

Related topics

Excerpt
hiddentrue

Note to Writers: The 'Related Links' title is bookmarked in the shared spaces so that it is also pulled along with the other content. Therefore, after pulling this page, make sure to add the relevant interspace links in your product spaces.

  • Creating New Keystores: This topics explains how new keystore files with keys and certificates are created. Once the keystores are created, you can manage them from the Management Console.