This article describes the steps to create a new KeyStore with a new self-signed SSL certificate and a new CN (Common Name) in WSO2 API-M 3.2.0 and how it can be used to invoke APIs’ in WSO2 from a remote host. By default, WSO2 API-M has a KeyStore named wso2carbon.jks which contains a self-signed certificate. However, the default certificate has Common Name (CN) as localhost and this certificate can be used to invoke the APIs from the same server where WSO2 API-M is hosted. This article is useful when the client/end-user wants to invoke APIs exposed via WSO2 gateway that is hosted on a remote server and using an SSL certificate.
1. Open a command prompt and go to <API-M_HOME>/repository/resources/security/. Then, create the new KeyStore that includes the private key by executing the following command. We will provide the hostname/domain name where WSO2 API-M is hosted as the CN value while creating this new KeyStore. For example, in this case, it is api.test.wso2.com.