Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Now you have a Java keystore including a CA-signed certificate that can be used in a production environment. Next, you must add its public key to the client-truststore.jks file to enable backend communication and inter-system communication via SSL.

Adding the public key to client-truststore.jks
Anchor
Add Public Key
Add Public Key

In SSL handshake, the client needs to verify the certificate presented by the server. For this purpose, the client usually stores the certificates it trusts, in a trust store. All WSO2 products are shipped with the trust store named client-truststore.jks, which resides in the same directory as the keystore (<PRODUCT_HOME>/repository/resources/security/). Therefore, we need to import the new public certificate into this trust store for frontend and backend communication of WSO2 products to happen properly over SSL.
Note

Note that we are using the default client-truststore.jks file in your WSO2 product as the trust store in this example.

To add the public key of the signed certificate to the client trust store:

...