The WSO2 API-M GitHub repository includes a custom keyStore and client trustStore in the
<API-M_HOME>/repository/resources/security directory for the initial setup (i.e., testing) purpose. The same files are copied into the
wso2am_analytics module and
wso2is_prepacked module as well. This
wso2carbon.jks keyStore is created for
CN=*.dev.wso2.org, and its self-signed certificate is imported into the
In production environments, it is recommended to replace these with your own keyStores and trustStores with certification authority (CA) signed certificates. In addition, if you also change the hostnames given by default in these patterns, you have to create your own hostnames. For more information, see Creating New Keystores.
Follow the steps below to create a new keystore and client-truststore with self-signed certificates.
Generate a Java keyStore and key pair with a self-signed certificate.
Export the certificate from the latter mentioned keyStore.
Import the latter mentioned certificate into a trustStore.