This documentation is for WSO2 Carbon 4.2.0. View documentation for the latest release.
Page Comparison - Configuring Keystores in WSO2 Products (v.49 vs v.50) - Carbon 4.2.0 - WSO2 Documentation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

Keystores allow you to manage the keys that are stored in a database. A keystore must contain a key pair with a certificate signed by a trusted Certification Authority (CA). A CA is an entity trusted by all parties participating in a secure communication. This entity will certify the trusted party's public keys by signing them. Since the certificate authority is trusted, it will accept the public key certificates signed by that particular CA as trusted. WSO2 Carbon uses several keystores to power the HTTPS transport and to encrypt other confidential information such as administrator passwords. The keystores used to encrypt administrator passwords and other confidential information in Carbon is configured in the <PRODUCT_HOME>/repository/conf/carbon.xml file (under the <security> element). Two keystore elements elements can be used to configure keystones in the carbon.xml file can be used to configure keystores: Primary keystore (Keystore) and Registry Keystore (RegistryKeystore). 


The default keystore named wso2carbon.jks can be found in the <PRODUCT_HOME>/repository/resources/security directory of your product pack.