WSO2 ESB uses several Key stores to power the HTTPS transport and encrypt other confidential information such as administrator passwords. The Key store of the HTTPS transport is configured in the axis2.xml
file under the HTTPS transport receiver and HTTPS transport sender configurations. See Configuring and Enabling Transports.
<parameter name="keystore" locked="false"> <KeyStore> <Location>resources/security/wso2carbon.jks</Location> <Type>JKS</Type> <Password>wso2carbon</Password> <KeyPassword>wso2carbon</KeyPassword> </KeyStore> </parameter> <parameter name="truststore" locked="false"> <TrustStore> <Location>resources/security/client-truststore.jks</Location> <Type>JKS</Type> <Password>wso2carbon</Password> </TrustStore> </parameter>
The default Key stores can be found in ESB_HOME/resources/security
directory. To change the Key stores used by the HTTPS transport, update the HTTPS transport receiver and sender configurations by specifying the paths to Key stores files and other attributes of the files such as the Key stores passwords.
Note
Under the <KeyStore
> element two (2) password values must be specified.
The <Password
> element should indicate the password of the Key stores file.
The <KeyPassword
> element should point to the password required to access the private key.
The Key stores used to encrypt administrator passwords and other confidential information in Carbon is configured in ESB_HOME/repository/conf/carbon.xml
file. This Key stores configuration can be found under the <security
> element of the carbon.xml
file.
<KeyStore> <Location>${carbon.home}/resources/security/wso2carbon.jks</Location> <Type>JKS</Type> <Password>wso2carbon</Password> <KeyAlias>wso2carbon</KeyAlias> <KeyPassword>wso2carbon</KeyPassword> </KeyStore>