Keystores allow to manage the keys that are stored in a database. WSO2 Carbon keystore management provides the facility to manage multiple keystores. You can add a keystore either using UI configuration or XML configuration.
Follow the instructions below to add a new keystore in WSO2 ESB.
1. Sign in. Enter your user name and password to log on to the ESB Management Console.
2. Click the "Configure" button to access the "Configure" menu.
3. From the "Configure" menu, select "Key Stores."
4. The "Key Store Management" page appears. Click on the "Add New Key store" link.
5. Locate the keystore file you want to add in the "Add New Key store" page.
You can use the "Browse" button to locate the file.
6. Specify "Provider" and "Key store Password," which points to the password required to access the private key.
7. Select "Key store Type" from the drop-down menu.
WSO2 ESB supports two types of keystores:
- JKS (Java KeyStore) - Allows to read and store key entries and certificate entries. However, the key entries can store only private keys.
- PKCS12 (Public Key Cryptography Standards) - Allows to read a keystore in this format and can export the information from that keystore, but you cannot modify the keystore. This is used to import the certificates from different browsers into your Java KeyStore.
8. Click on the "Next" button to proceed.
9. In the next page, provide "Private Key Password."
Keystore management does not let you import an existing private key for which you already have a certificate.
10. Click "Finish" to add a new keystore to the list.