WSO2 Carbon uses several keystores to power the servlet transport and to encrypt other confidential information such as administrator passwords. The carbon.xml file in the <PRODUCT_HOME>/repository/conf directory of your product contains the configurations for the primary keystore.
Note that when keystores are configured, two keystore passwords are specified in the carbon.xml file:
- The <
Password> element indicates the password of the keystore file. - The <
KeyPassword> element points to the password required to access the private key.
Primary Keystore
The primary keystore mainly stores the keys certifying SSL connections to Carbon servers and the keys for encrypting administrator passwords as well as other confidential information. The Keystore element in the carbon.xml file is used to configure the primary keystore as given below. Note that in this example, the default keystore in your product pack (wso2carbon.jks) is used as the primary keystore.
<KeyStore>
<Location>${carbon.home}/resources/security/wso2carbon.jks</Location>
<Type>JKS</Type>
<Password>wso2carbon</Password>
<KeyAlias>wso2carbon</KeyAlias>
<KeyPassword>wso2carbon</KeyPassword>
</KeyStore>