This documentation is for WSO2 Carbon 4.2.0. View documentation for the latest release.
Page Comparison - Resolving Encrypted Passwords (v.7 vs v.8) - Carbon 4.2.0 - WSO2 Documentation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


If you start the WSO2 Carbon server as a background taskjob, you cannot will not be able to provide password values on the command line. Therefore, you must start the server in "daemon" mode as explained below.

  1. Create a new file in the <PRODUCT_HOME> directory. The file should be named according to your OS as explained below.
    • For Linux: The file name should be password-tmp.
    txt in <PRODUCT_HOME>/, add the primary keystore's password to it and save. The default primary keystore is  wso2carbon
    • For Windows: The file name should be password-tmp.txt.

    When you start the server (see step 3 below), the keystore password will be picked from this new file. Note that this file is automatically deleted from the file system after the server starts. Therefore, the admin has to create a new text file every time the server starts.

    Alternatively, if you want to retain the password file after the server starts, the file should be named as follows:

    • For Linux: The file name should be password-persist.
    • For Windows: The file name should be password-persist.txt.
  2. Add "wso2carbon" (the primary keystore password) to the new file and save. By default, the password provider assumes that the both private key , and keystore passwords and keystore passwords are the same. If not, the private key password must be entered in the second line of the file.
  3. Start Now, start the server as a background process by running the following command.

    Code Block
    ./ start
  4. Note that the password-tmp.txt temporary file that you created earlier is removed from the file system automatically. Run step 1 again to add the file to the system. 


    Tip: To avoid creating the  password-tmp.txt file every time the server starts, you can name it as  password-persist.txt, instead of  password-tmp.txt.

  5. Start the server by running the product startup start-up script from the <PRODUCT_HOME>/bin/ directory using by executing the following command:

    Code Block
    daemon. sh -start