Skip to content

Managing Keystores via UI

WSO2 Identity Server Management Console enables viewing keystore details such as the available certificates. To do this, you must first upload the relevant keystore via the Management Console.

Before you begin

Make sure to create and store all the required keystore files in the <IS_HOME>/repository/resources/security directory.



Do not delete the default wso2carbon.jks.

Uploading keystores

Follow the instructions below to upload a keystore file to via the Management Console.

  1. In the Main menu of the Management Console, click Manage > Keystores > Add.

    The Add Key Store page appears.

  2. Provide the required information:

    • Keystore password: This is required to access the private key and provider.
    • Provider
    • Keystore Type: This is to speficy type of the keystore file that you are uploading as JKS or PKCS12.
      • JKS: Java Key Store (JKS) allows you to read and store key entries and certificate entries. However, the key entries can store only private keys.
      • PKCS12: Public Key Cryptography Standards (PKCS12) allows you to read a keystore in this format and export the information from that keystore. However, you cannot modify the keystore. This is used to import certificates from different browsers into your Java Key store.

  3. Click Next.
  4. Enter the private key password.
  5. Click Finish to add the new keystore to the list.


    This keystore file is now saved to the WSO2 Identity Server registry. To see the registry path:

    1. On Main tab, click Manage > Registry > Browse.
    2. Enter /_system/governance/repository/security/key-stores/ in the Location text box and click Go.

      Note that the keystores added via the Management Console get listed out.

Viewing keystores

Follow the instructions below to view the details of the keystore that you uploaded.

  1. In the Main menu of the Management Console, click Manage > Keystores > List. The Key Store List page appears.
  2. Click View of the corresponding keystore that you want to view. The View Key Store screen appears with the following information:

    • Private key certificates

    • Available certificates

  3. Click Finish to get back to the Keystores screen.