WSO2’s Action Response: Log4j2 Zero-Day Vulnerability (CVE-2021-44228)Learn More >
Here is a check-list that administrators should run through before setting up Carbon in a production environment.
WSO2 Carbon uses a self-signed certificate to enable SSL, so you should consider changing it. This is a mandatory step if you are planning to use security sensitive transactions. The key store details and passwords are given by in the <carbon-home>/conf/carbon.xml
openssl pkcs12 -export -out keystore.pfx -inkey privatekey.pem -in certificate.pem -certfile CACert.pem
keytool -importkeystore -srckeystore keystore.pfx -destkeystore wso2carbon.jks -srcstoretype pkcs12 -deststoretype jks -srcstorepass srcstorepass -deststorepass deststorepas
keytool -importkeystore -srckeystore keystore.jks -destkeystore wso2carbon.jks -srcstoretype jks -deststoretype jks -srcstorepass srcstorepass -deststorepass deststorepas
WSO2 Carbon ships with a H2 database, but it can work with many RDBMS by different vendors.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx the database connection details picture on registry.xml and user-mgt.xml
sh wso2server.sh -Dsetup
Configure MD5/Hashed ...
If you wish to disable cookies you can do so from your browser.