<
×
2009/11/16

How to setup WSO2 Carbon in production?

  • Dimuthu Leelarathne
  • Architect - WSO2
  • 16 Nov, 2009

Here is a check-list that administrators should run through before setting up Carbon in a production environment.

  • Change the server SSL Certificate
  • Database Configuration
  • Password Protection

1. Change the server SSL Certificate

WSO2 Carbon uses a self-signed certificate to enable SSL, so you should consider changing it. This is a mandatory step if you are planning to use security sensitive transactions. The key store details and passwords are given by in the <carbon-home>/conf/carbon.xml 

  • If the SSL certificate and the private key is in the pem format,
  1. Convert the private key and certificate to pkcs12 keystore using following command.
    2. openssl pkcs12 -export -out keystore.pfx -inkey privatekey.pem -in certificate.pem -certfile CACert.pem
  2. Use keytool in jdk 6.X to import the pkcs12 keystore to the wso2carbon.jks.
    3. keytool -importkeystore -srckeystore keystore.pfx -destkeystore wso2carbon.jks -srcstoretype pkcs12 -deststoretype jks -srcstorepass srcstorepass -deststorepass deststorepas
  3. Open the conf/carbon.xml file and change the KeyAlias and KeyPassword.
  • If the SSL certificate and private key is in jks format
  1. Use keytool in jdk 6.X to import the pkcs12 keystore to the wso2carbon.jks.
    2. keytool -importkeystore -srckeystore keystore.jks -destkeystore wso2carbon.jks -srcstoretype jks -deststoretype jks -srcstorepass srcstorepass -deststorepass deststorepas
  2. Open the conf/carbon.xml file and change the KeyAlias and KeyPassword

2. Database Configuration

WSO2 Carbon ships with a H2 database, but it can work with many RDBMS by different vendors.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx the database connection details picture on registry.xml and user-mgt.xml

  • Minimally,
  1. Change the database password by editing the registry.xml and user-mgt.xml.
  • If you are want to change the database to Oracle, MySQL or MSSQL,
  1. Create an empty database in the server. It is not required to create the schema.
  2. Download the relevant JDBC Driver and copy it into the <carbon-home>/repository/components/extensions folder.
  3. Change database connection details in user-mgt.xml and carbon.xml
  4. Start the WSO2 Carbon server with the following option. The server will automatically create the tables in the database and configure itself.
    5. sh wso2server.sh -Dsetup
  • If you want to change the database to a RDBMS other than Oracle, MySQL or MSSQL,
  1. Create the database and it's table by looking at the sql scripts available in <carbon-home>/dbscripts
  2. Change database connection details in user-mgt.xml and carbon.xml
  3. Start the server normally

3. Password protection

Configure MD5/Hashed ...

 

About Author

  • Dimuthu Leelarathne
  • Architect
  • WSO2

API Management
Integration
IAM
Internal Developer Platform
Solutions
Resources
Support
Company
SIGN UP FOR OUR NEWSLETTER

Follow us

LEARN ABOUT SECURITY AT WSO2 >