WSO2 WSAS for Java uses a keypair to enable HTTPS and to secure the user passwords within it.
When you use WSO2 WSAS in production, it is STRONGLY recommended that you change the default keys that are shipped with it.
Note that the key pair must be generated with the RSA algorithm and its alias must be "wso2wsas". The following command can be used to create such a keystore:
$ keytool -genkey -alias wso2wsas -keyalg RSA -keystore wso2wsas.jks -storepass wso2wsas
This will prompt you with a series of questions, as shown below:
What is your first and last name?
  [Unknown]: John Smith
What is the name of your organizational unit?
  [Unknown]: Accounts
What is the name of your organization?
  [Unknown]: ABC
What is the name of your City or Locality?
  [Unknown]: Colombo
What is the name of your State or Province?
  [Unknown]: Western
What is the two-letter country code for this unit?
  [Unknown]: LK
Is CN=John Smith, OU=Accounts, O=ABC, L=Colombo, ST=Western, C=LK correct?
  [no]: yes
Enter key password for(RETURN if same as keystore password):
Now you will see a file with the name "wso2wsas.jks" created in the place where you executed the above command.
Now you can simply replace the WSO2WSAS_HOME/conf/wso2wsas.jks with this new wso2wsas.jks file that you just created.
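Before the new file goes into WSO2WSAS_HOME/conf, the two requirements above (alias "wso2wsas", RSA key pair) can be checked against the output of keytool -list -v. The script below is an added example, not part of the WSO2 documentation; the function names are hypothetical and the sample listing is constructed. It assumes the "Alias name:", "Entry type:" and "Signature algorithm name:" lines that keytool prints in verbose mode.

```shell
#!/bin/sh
# Added example (not WSO2 code): verify that a keystore listing contains an
# RSA key pair under the alias WSAS expects.

# Reads `keytool -list -v` output on stdin. Succeeds only if the entry named
# "wso2wsas" is a private key entry whose certificate is signed with RSA.
# For the self-signed certificate that -genkey creates, the signature
# algorithm is the key's own algorithm.
check_wsas_listing() {
    awk -v want="wso2wsas" '
        /^Alias name: / { in_entry = ($3 == want); if (in_entry) found = 1; next }
        in_entry && /^Entry type: PrivateKeyEntry/     { keypair = 1 }
        in_entry && /^Signature algorithm name: .*RSA/ { rsa = 1 }
        END {
            if (!found)   { print "FAIL: alias " want " not found"; exit 1 }
            if (!keypair) { print "FAIL: " want " is not a key pair entry"; exit 1 }
            if (!rsa)     { print "FAIL: " want " is not an RSA key"; exit 1 }
            print "OK: " want " is an RSA key pair"
        }'
}

# Runs the check against a keystore file; keytool prompts for the password.
check_wsas_keystore() {  # $1 = path to the .jks file
    keytool -list -v -keystore "$1" | check_wsas_listing
}

# Constructed sample of verbose keytool output (not from a real keystore).
sample_listing() {  # $1 = alias, $2 = signature algorithm
    printf '%s\n' "Keystore type: JKS" "" "Alias name: $1" \
        "Entry type: PrivateKeyEntry" "Certificate chain length: 1" \
        "Owner: CN=John Smith, OU=Accounts, O=ABC, L=Colombo, ST=Western, C=LK" \
        "Signature algorithm name: $2"
}

# Demo on constructed input: the first listing passes, the other two fail.
sample_listing wso2wsas SHA256withRSA | check_wsas_listing
sample_listing wso2wsas SHA1withDSA   | check_wsas_listing || true
sample_listing mykey    SHA256withRSA | check_wsas_listing || true
```

On a real file, run check_wsas_keystore wso2wsas.jks in the directory where the keystore was generated.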
Since this keypair is used to secure the passwords of WSO2 WSAS users as well, now we have to reset the passwords of all users.
You MUST use the chpasswd utility provided with WSO2 WSAS to reset passwords.
Please refer to the chpasswd documentation and make sure you set the password of the "admin" user first.
If you want to change the keystore file name, location, keystore password or the key password:
JBoss application server
Apache Tomcat server