This documentation is for WSO2 Storage Server 1.0.3. View documentation for the latest release.
Manage Keystores - Storage Server 1.0.3 - WSO2 Documentation
                                                                                                                                                                                                                                     
||
Skip to end of metadata
Go to start of metadata

A keystore can be added, viewed and deleted using the management console of a WSO2 product.

Add Keystores

Follow the instructions below to add a new Keystore to a running Carbon instance.

1. Log on to the product's Management Console and select "Configure -> Key Stores."

2. The "Key Store Management" page appears. Click on the "Add New Key store" link.

3. Locate the Key store file you want to add in the "Add New Key store" page. Specify the "Key store Password," which points to the password required to access the private key.

For example,

upload-KS

4. Select "Key store Type" from the drop-down menu.

WSO2 Carbon supports two types of Keystores.

  • JKS (Java Key Store) : It can read and store key entries and certificate entries. However, the key entries can store only private keys.
  • PKCS12 (Public Key Cryptography Standards) : You can read a keystore in this format and can export the information from that keystore, but you cannot modify the keystore. This is used to import the certificates from different browsers into your Java keystore.

5. Click "Next."

upload-key-store-file

6. In the next page, provide "Private Key Password" and click "Finish."

update-KS

Key store management functionality does not let you import an existing private key for which you already have a certificate.

The default wso2carbon.jks Key store cannot be deleted.

Currently it is required to have same password for both keystore and private key. This is due to a tomcat limitation.

View Keystores 

1. Log on to the product's Management Console select "Configure -> Key Stores."

2. In the "Key Store Management" page that appears, select the "View" link in the "Actions" column.

3. The "View Key Store" page shows information about the available certificates.

4. Click on the "Finish" button to go back to the "Key Store Management" page.

Delete Keystores

If you do not need to use a Key store anymore, you can delete it from the "Keystores" list. Follow the instructions below to delete a Keystore.

You need to disable the security of the associated service before removing the service from the system to be able to remove a key store.

1. Log on to the product's Management Console and select "Configure -> Key Stores."

2. In the "Key Store Management" page that appears, click on the "Delete" link associated with a certain Key store.

3. Confirm your request.

You can't undo this operation once performed.

  • No labels