Skip to content

Manage Keystores via UI

The MWARE IAM Management Console enables viewing keystore details such as the available certificates. To do this, you need to first upload the relevant keystore via the MWARE IAM Management Console.

Before you begin

Make sure to create and store all the required keystore files in the <IS_HOME>/repository/resources/security directory.



Do not delete the default wso2carbon.jks.

Upload keystores

Follow the instructions below to upload a keystore file via the MWARE IAM Management Console.

  1. In the Main menu of the MWARE IAM Management Console (https://<IS_HOST>:<PORT>/carbon), click Manage > Keystores > Add.

    The Add Key Store page appears.

  2. Provide the required information:

    • Keystore password: This is required to access the private key and provider.
    • Provider
    • Keystore Type: This is to specify the type of the keystore file that you are uploading as JKS or PKCS12.
      • JKS: Java Key Store (JKS) allows you to read and store key entries and certificate entries. However, the key entries can only store private keys.
      • PKCS12: Public Key Cryptography Standards (PKCS12) allows you to read a keystore in this format and export the information from that keystore. However, you cannot modify the keystore. This is used to import certificates from different browsers into your Java Key store.

  3. Click Next.
  4. Enter the private key password.
  5. Click Finish to add the new keystore to the list.


    This keystore file is now saved to the MWARE IAM registry. To see the registry path:

    1. On Main tab, click Manage > Registry > Browse.
    2. Enter /_system/governance/repository/security/key-stores/ in the Location text box and click Go.

      Note that the keystores added via the MWARE IAM Management Console get listed out.

View keystores

Follow the instructions below to view the details of the keystore that you uploaded.

  1. In the Main menu of the MWARE IAM Management Console, click Manage > Keystores > List. The Key Store List page appears.
  2. Click View of the corresponding keystore that you want to view. The View Key Store screen appears with the following information:

    • Private key certificates

    • Available certificates

  3. Click Finish to get back to the Keystores screen.