...
Now, you have an SSL certificate stored in a Java keystore and a public key added to the client-truststore.jks file. Note that both these files should be in the <PRODUCT_HOME>/repository/resources/security/ directory. You can now replace the default wso2carbon.jks keystore in your product with the newly created keystore by updating the relevant configuration files in your product. See the related links for information.
...
For information on the concepts of keystores and about how keystores are used in WSO2 products, see Setting up Keystores, and for information on how to update configuration files for keystores in WSO2 products, see Configuring Keystores in WSO2 Products.