If the WSO2 Security Management feature is installed in your product, you can manage the keystores using the Management Console. In order to do this, all the required keystore files should first be created and stored in the <PRODUCT_HOME>/repository/resources/security/
directory. See the related topics for more information.
The default wso2carbon.jks
keystore cannot be deleted.
Adding keystores
Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon keystore management provides the ability to manage multiple keystores. Follow the instructions below to add a new keystore to your product using the Management Console.
- Log in to the WSO2 product with your user name and password.
- Go to the Configure tab and click Key Stores.
- The Key Store Management page appears. Click the Add New Key store link to open the following screen:
- Specify the Provider and the Keystore Password, which points to the password required to access the private key.
- In the Keystore Type field, specify whether the keystore file you are uploading is JKS or PKCS12.
- JKS (Java Key Store): Allows you to read and store key entries and certificate entries. However, the key entries can store only private keys.
- PKCS12 (Public Key Cryptography Standards): Allows you to read a keystore in this format and export the information from that keystore. However, you cannot modify the keystore. This is used to import certificates from different browsers into your Java Key store.
- Click Next and on the next page, provide the Private Key Password.
Click Finish to add the new keystore to the list.
Viewing keystores
Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon keystore management provides the ability to view keystores using the Management Console. Follow the instructions below to view a keystore.
- Log in to the WSO2 product with your user name and password.
- Go to the Configure tab and click Key Stores.
- The Key Store Management page appears. All the keystores that are currently added to the product will be listed here as follows:
- Click View in the list of actions. The View Key Store screen shows information about the available certificates.
It also displays information about private key certificates: - Click Finish to go back to the Key Store Management screen.
Importing certificates to keystore
Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon keystore management provides the ability to import certificates for keystores. Follow the instructions below to import a certificate for a keystore.
- Log in to the WSO2 product with your user name and password.
- Go to the Configure tab and click Keystores.
- The Keystore Management page appears. All the keystores that are currently added to the product will be listed here as follows:
- Click Import Cert associated with the keystore for which you want to import a certificate.
- The available certificates are already listed on the Import Certificates screen. Click Browse to find the location of the new certificate that you want to import.
- Once you have selected the certificate, click Import.
- Once a certificate is imported successfully, you will see the following confirmation:
Click OK. - The imported certificate appears in the list of Available Certificates. In the example shown below, the "GeoTrust_Global_CA" certificate was imported.
Related links
For information on how new keystore files with keys and certificates are created, see Creating New Keystores. Once the keystores are created, you can manage them from the Management Console.