i was trying to install CA certified certificates in WSO2 API Manager. But i have not found any place which tells about where to store the private key? Is private key not needed to make SSL work?
1
votes
2 Answers
1
votes
You can find the key store in
[AM]\repository\resources\security\wso2carbon.jks
and the client truststore in
[AM]\repository\resources\security\client-truststore.jks
Using keytool you can install any certificate. The default password = wso2carbon
For SSL you need to store the public certificate not the private key
0
votes
I suggest to create a new JKS keystore with your private key and certificate chain (so there is no confusion with the existing wso2carbon.jks). you can configure the SSL settings in repository/config/tomcat/catalina-server.xml.
One of the common practices is having a proxy server in front of the APIM doing the SSL termination, load balancing and controlling access to the publisher, store and gateway.
