Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



For instructions on the default carbon keystore configurations, see Configuring Keystores in WSO2 Products in the WSO2 Product Administration Guide.


The following common configurations should be completed before you begin the configurations given in this page.

Make sure you do the configurations below to configure a keystore in WSO2 API Manager.


To configure AMQP and MQTT transports, open the <API-M_HOME>/repository/conf/broker.xml file. The values for the the location and  and password parameters under  parameters under keyStore and  and trustStore should  must be updated. The code below shows the default values.


Configuring keystores for Jaggery Apps SSO configuration

Open Open the <API-M_HOME>/repository/deployment/server/jaggeryapps/publisher/site/conf/site.json file. Update the values for for keyStoreName and  and keyStorePassword as  as shown below.

Code Block
"ssoConfiguration" : {
        "enabled" : "true",
        "issuer" : "API_PUBLISHER",
        "identityProviderURL" : "https://localhost:9444/samlsso",
        "keyStorePassword" : "wso2carbon",
        "identityAlias" : "wso2carbon",
        "keyStoreName" :"wso2carbon.jks",


Configuring keystores for security

Open the <API-M_HOME>/repository/conf/identity/identity.xml file and update the values for Location and Password under the KeyStore section. The default configurations are shown below.

Code Block

Configuring keystores for endpoints

Open the <API-M_HOME>/repository/conf/identity/ file and update update client.keyStore and  and client.trustStore with  with the location of the keystore and truststore , respectively. The default configurations are shown below.


To have more advanced transport handling functions using keystores, you need to must update the <API-M<APIM_HOME>/repository/conf/tomcat/catalina-server.xml file and the <API<API-M__HOME>/repository/conf/axis2/axis2.xml file.