This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »

If the WSO2 Security Management feature is installed in your product, you can manage the keystores conveniently using the management console.

The default wso2carbon.jks Keystore cannot be deleted. 

Adding keystores

Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon Keystore management provides the ability to manage multiple Keystores. Follow the instructions below to add a new Keystore to your product using the management console.

  1. Log in to the WSO2 product with your user name and password.
  2. Go to the Configure tab and click Key Stores.
  3. The Key Store Management page appears. Click the Add New Key store link to open the following screen:
  4. Specify the Provider and the Keystore Password, which points to the password required to access the private key.
  5. In the Keystore Type field, specify whether the keystore file you are uploading is JKS or PKCS12.
    • JKS (Java Key Store): Allows you to read and store key entries and certificate entries. However, the key entries can store only private keys.
    • PKCS12 (Public Key Cryptography Standards): Allows you to read a Key store in this format and export the information from that Key store. However, you cannot modify the Key store. This is used to import certificates from different browsers into your Java Key store.
  6. Click Next and on the next page, provide the Private Key Password.
  7. Click Finish to add the new keystore to the list.

Viewing keystores

Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon Keystore management provides the ability to view keystores using the management console. Follow the instructions below to view a keystore.

  1. Log in to the WSO2 product with your user name and password.
  2. Go to the Configure tab and click Key Stores.
  3. The Key Store Management page appears. All the keystores that are currently added to the product will be listed here as follows:
     
  4. Click View in the list of actions. The View Key Store screen shows information about the available certificates.
     
    It also displays information about private key certificates:
     
  5. Click Finish to go back to the Key Store Management screen.

Importing certificates to keystore

Keystores allow you to manage the keys that are stored in a database. WSO2 Carbon Keystore management provides the ability to import certificates for keystores. Follow the instructions below to import a certificate for a keystore.

  1. Log in to the WSO2 product with your user name and password.
  2. Go to the Configure tab and click Keystores.
  3. The Keystore Management page appears. All the keystores that are currently added to the product will be listed here as follows:
  4. Click Import Cert associated with the keystore for which you want to import a certificate.
  5. The available certificates are already listed on the Import Certificates screen. Click Browse to find the location of the new certificate that you want to import.
  6. Once you have selected the certificate, click Import.
  7. Once a certificate is imported successfully, you will see the following confirmation:

    Click OK.
  8. The imported certificate appears in the list of Available Certificates. In the example shown below, the "GeoTrust_Global_CA" certificate was imported.

After changing the keystores, you can use the grep command to locate all the .jks file occurrences in the <PRODUCT_HOME>>/repository/conf/ directory, and change the default keystores and its product-specific configurations accordingly.

  • No labels