Configuring the keyStore and client trustStore for a Selected Pattern
The WSO2 API-M GitHub repository includes a custom keyStore and client trustStore in the <API-M_HOME>/repository/resources/security
 directory for the initial setup (i.e., testing) purpose. The same files are copied into the wso2am_analytics
module and wso2is_prepacked
module as well. This wso2carbon.jks
keyStore is created for CN=*.dev.wso2.org
, and its self-signed certificate is imported into the client-truststore.jks
.Â
In production environments, it is recommended to replace these with your own keyStores and trustStores with certification authority (CA) signed certificates. In addition, if you also change the hostnames given by default in these patterns, you have to create your own hostnames. For more information, see Creating New Keystores.
Follow the steps below to create a new keystore and client-truststore with self-signed certificates.
Generate a Java keyStore and key pair with a self-signed certificate.
Export the certificate from the latter mentioned keyStore.
Import the latter mentioned certificate into a trustStore.