If the directory/file paths specified in this guide do not exist in your WSO2 product, see Directory Structure of WSO2 Products to locate the paths applicable to your product.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


titleFollowing are a few important point points to keep in mind when you are renewing an expired certificate:
  • Use the same certificate authority that you used when you first got the public certificate. If you use a different certificate authority for certificate renewal, you will have to import the new CA-certificate as well as the intermediate certificates to the keystore and the client’s trust store.
  • If the certificate authority’s certificate is not in the keystore, you will get the following error when you try to import the CA-signed certificate to the keystore:

    Code Block
    keytool error: java.lang.Exception: Failed to establish chain from reply

    To overcome the above error, be sure to first import the CA-signed certificate as well as the intermediate certificates to the keystore in the correct order.