Adding Keystores
- Former user (Deleted)
WSO2 Carbon keystore management provides the facility to manage multiple keystores. This functionality is bundled with the security management feature:
Name: WSO2 Carbon - Security Management Feature
Identifier: org.wso2.carbon.security.mgt.feature.group
Follow the instructions below to add a new keystore to a running Carbon instance.
1. Log on to the product's Management Console and select "Configure -> Key Stores."
2. The "Key Store Management" page appears. Click on the "Add New Key store" link.
3. Locate the keystore file you want to add in the "Add New Key store" page. Specify the "Key store Password," which points to the password required to access the private key.
For example,
4. Select "Key store Type" from the drop-down menu.
WSO2 Carbon supports two types of keystores.
- JKS (Java KeyStore) : It can read and store key entries and certificate entries. However, the key entries can store only private keys.
- PKCS12 (Public Key Cryptography Standards) : You can read a keystore in this format and can export the information from that keystore, but you cannot modify the keystore. This is used to import the certificates from different browsers into your Java keystore.
5. Click "Next."
6. In the next page, provide "Private Key Password" and click "Finish."
Notes
Because of a Tomcat limitation, you must have the same password for both keystore and private key.
Keystore management functionality does not let you import an existing private key for which you already have a certificate.
- Â The default
wso2carbon.jkskeystore cannot be deleted.
Â