Follow the instructions below to create a new Keystore in WSO2 ES:
Step 1 - Create a Keystore
You can either create a new Keystore or use an existing Keystore. For more information, see the following WSO2 Carbon documentation.
Step 2 - Import the Keystore into the trust store
In SSL handshake, the client needs to verify the certificate presented by the server. For this purpose, the client usually stores the certificates it trusts, in a trust store. For more information, see Adding the public key to client-truststore.jks, which is in the WSO2 Carbon documentation.
Step 3 - Update the required configuration files
Update the
carbon.xmlfile, which is in the<PRODUCT_HOME>/repository/confdirectory, with the location of the newly created Keystore.<KeyStore> <!-- Keystore file location--> <Location>${carbon.home}/repository/resources/security/mykeystore.jks</Location> <!-- Keystore type (JKS/PKCS12 etc.)--> <Type>JKS</Type> <!-- Keystore password--> <Password>mypkpassword</Password> <!-- Private Key alias--> <KeyAlias>mycert</KeyAlias> <!-- Private Key password--> <KeyPassword>mypkpassword</KeyPassword> </KeyStore> <RegistryKeyStore> <!-- Keystore file location--> <Location>${carbon.home}/repository/resources/security/mykeystore.jks</Location> <!-- Keystore type (JKS/PKCS12 etc.)--> <Type>JKS</Type> <!-- Keystore password--> <Password>mypkpassword</Password> <!-- Private Key alias--> <KeyAlias>mycert</KeyAlias> <!-- Private Key password--> <KeyPassword>mypkpassword</KeyPassword> </RegistryKeyStore>