Page Comparison

...

• Authenticating the communication over Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocols.
• Encrypting sensitive information such as plain text passwords in configuration files.
• Encrypting data such as scripts, configuration files, xmld, xsds etc. into the registry.
• Encrypting/signing in WS-Security.

...

• Maintain a primary keystore for encrypting sensitive data such as admin passwords and certain registry data. By default, the primary keystore is also used for WS-Security and for authenticating tomcat Tomcat level connections.
• Maintain a separate keystore for authenticating the communication over SSL/TLS (tomcat for Tomcat level connections).
• Optionally, you can set up separate keystores with key pairs and certificates for WS-Security.
• A separate keystore (truststore) for the purpose of storing the trusted certificates of public keys in your keystores.

...

• wso2carbon.jks: This keystore contains a key pair , which and is used by default used in your Carbon server for all of the purposes explained above. 
• client-truststore.jks: This is the default trust store, which contains the trusted certificates of the keystore used in SSL communication.

...

WSO2 products provide the facility to add keystores using the management console Management Console or using an XML configuration, and to import certificates to the keystore using the management consoleManagement Console. The WSO2 keystore management feature provides a UI and an API to add and manage keystores used for WS-Security scenarios. When you apply WS-Security to web Web services using the management consoleManagement Console, you can select a keystore from uploaded keystores for encryption/signing processes. The management console Management Console also allows you to view/delete keystores. 

...

This functionality is bundled with the following feature that is installed in your product:.

Name: WSO2 Carbon - Security Management Feature
Identifier: org.wso2.carbon.security.mgt.feature.group

...