configure SSL for wso2 products

This will demonstrate you , how to configure SSL for any wso2 products using easy few steps.

wso2 product uses the default wso2carbon.jks as the keystore. If you hosted wso2 product in a server , you have to generate the new keystore and import it into client-truststore.jks.

Do not delete anything. Just go to repository/resources/security/
copy your “cert,private key,ca-bundle” and server pem files into the security derectory that you get from the SSL provider.

use wso2carbonnew for all the requested fields and when you import to client trust store, use wso2carbon as the password. Because client trust store password is wso2carbon

openssl pkcs12 -export -in STAR_yourdomain_com.crt -inkey private.key -name wso2carbonnew -certfile STAR_yourdomain.ca-bundle -out wso2carbon.pfx

keytool -importkeystore -srckeystore wso2carbon.pfx -srcstoretype pkcs12 -destkeystore wso2carbonnew.jks -deststoretype JKS

keytool -export -alias wso2carbonnew -keystore wso2carbonnew.jks -file appManager.pem

keytool -import -alias wso2carbonnew -file appManager.pem -keystore client-truststore.jks -storepass wso2carbon

Now you have done with the basic configurations. Now you have to change the user name and password for default keystone inside configuration files.

go to , /repository/conf

grep -nr “.jks”

Then replace all the wso2carbon keystore user name and password as wso2carbonnew

DON’T change the default client trust store password.

Happy Configuring