Configuring Keystores
WSO2 ASÂ uses several keystores to power the HTTPS transport and encrypt other confidential information such as administrator passwords. The keystore of the HTTPS transport is configured in the axis2.xml
file under the HTTPS transport receiver and HTTPS transport sender configurations.Â
<parameter name="keystore" locked="false"> <KeyStore> <Location>resources/security/wso2carbon.jks</Location> <Type>JKS</Type> <Password>wso2carbon</Password> <KeyPassword>wso2carbon</KeyPassword> </KeyStore> </parameter> <parameter name="truststore" locked="false"> <TrustStore> <Location>resources/security/client-truststore.jks</Location> <Type>JKS</Type> <Password>wso2carbon</Password> </TrustStore> </parameter>
The default keystore named wso2carbon.jks
, can be found in the PRODUCT_HOME/repository/resources/security
directory. To change the keystores used by the HTTPS transport, update the HTTPS transport receiver and sender configurations by specifying the paths to keystores files and other attributes of the files such as the keystores passwords.
Under the <KeyStore
> element two password values must be specified.
The <Password
> element should indicate the password of the keystore file.
The <KeyPassword
> element should point to the password required to access the private key.
The keystores used to encrypt administrator passwords and other confidential information in Carbon is configured in the PRODUCT_HOME/repository/conf/carbon.xml
file. This keystore configuration can be found under the <security
> element of the carbon.xml
file.
<KeyStore> <Location>${carbon.home}/resources/security/wso2carbon.jks</Location> <Type>JKS</Type> <Password>wso2carbon</Password> <KeyAlias>wso2carbon</KeyAlias> <KeyPassword>wso2carbon</KeyPassword> </KeyStore>