This documentation is for WSO2 Carbon 4.2.0. View documentation for the latest release.
Page Comparison - Configuring Keystores (v.19 vs v.20) - Carbon 4.2.0 - WSO2 Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents
maxLevel3
minLevel3

Carbon Keystores

The keystores used to encrypt administrator passwords and other confidential information in Carbon is configured in the <PRODUCT_HOME>/repository/conf/carbon.xml file (under the <security> element). Two keystore elements in the carbon.xml file can be used to configure the keystore: Primary keystore (Keystore) and Registry Keystore (RegistryKeystore). The default keystore named wso2carbon.jks, can be found in the <PRODUCT_HOME>/repository/resources/security directory.

Primary Keystore

Keystore can be considered as the default Carbon keystore element. This is primarily used for storing keys certifying SSL connections to Carbon servers, and for encrypting administrator passwords and other confidential information. The keystore configuration that should be added to the carbon.xml file is as follows.

Code Block
<KeyStore>
	<Location>${carbon.home}/resources/security/wso2carbon.jks</Location>
	<Type>JKS</Type>
	<Password>wso2carbon</Password>
	<KeyAlias>wso2carbon</KeyAlias>
	<KeyPassword>wso2carbon</KeyPassword>
</KeyStore>

Registry Keystore

RegistryKeystore is a separate keystore, used only for the purpose of encrypting/decrypting meta data to the registry. The registry keystore configuration that should be added to the carbon.xml file is as follows.

...