If the directory/file paths specified in this guide do not exist in your WSO2 product, see Directory Structure of WSO2 Products to locate the paths applicable to your product.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • wso2carbon.jks: This is the default keystore, which contains the server’s a private key and the self-signed public key certificate.
  • client-truststore.jks: This is the default trust store, which contains the trusted certificates of the keystore used in SSL communication. This is the default truststore, which contains many of the reputed root CAs that customers can usetruststore, which contains digital certificates of many root CAs. This also contains the self-signed certificate of the default wso2.carbon.jks keystore.

Setting up keystores for WSO2 products