I have a wso2 API manager 3.0.0 setup on my linux. By default, the publisher, dev tools and management console url points to localhost. In order to access it via browser, I had to replace localhost with my server IP and it worked.
Now I have created a DNS and want to access it via DNS. It doesnt work.
Could you please let me know the exact steps to achieve this? What all files should I be changing?
Please note, id rather change in the application configuration files than change the server's host file.
You have to point the IP address of the server to DNS as an initial step. Then the request will route to your server.
As a second step, you have to configure the DNS hostname in the deployment.toml file, then the server knows where to route the request. Please refer to the documentation[1]
As a third step, you have to create a certificate with a new DNS hostname (CN) and change the primary key with the certificate. please refer to the documentation[2]
Can you provide what is the exception which you are getting with the new DNS route?
Thanks
[1]https://apim.docs.wso2.com/en/latest/install-and-setup/setup/deployment-best-practices/changing-the-hostname/
[2]https://apim.docs.wso2.com/en/latest/install-and-setup/setup/security/configuring-keystores/keystore-basics/creating-new-keystores/
Related
My client has a domain configured in a different provider and I built a website in AWS. We want to use their sub domain created in the different provider but the think is: they are using this domain to a different site as well, so they cannot set it via DNS server name; the second possibility would be via IP, however my IPs are not defined as I'm using Amplify to build the site.
Is there any other way we can connect their sub domain to my website?
Our two first options were: DNS server name but they are using te main domain to another site, so it would cause another issue and IP address but my IP are not defined as I'm using amplify to build.
I expect to be able to connect my website to their sub domain that is located in a different provider.
In the Amplify console, go to Domain management under your app settings. From there, add your domain and make sure to exclude the root since you only want to set up a subdomain. You can view the required DNS records from there. Basically you will need to set up a CNAME on your DNS configuration.
This documentation might help - https://docs.aws.amazon.com/amplify/latest/userguide/to-add-a-custom-domain-managed-by-a-third-party-dns-provider.html
I am not able to use my WSO2 IS 5.9.0 GUI console from the Domain i have mapped with ec2 instance IP. The management console login screen opens up but after entering the credentials it show 403 Access DOMAIN was desnied.
What might be the reason behind this? Please Help.....
What Changes Do I Need To Make In Deployment File?
And I am setting up my WSO2 to production can anyone please send me an example of any good deployement.toml file.....so that i can ensure production level quality?
If you are not fronting with any load balancer, the following changes are enough.
You need to change the server's host name. hostname property can be
configured in the deployment.toml file
Change the CN name of the SSL certificate to be equal to the
hostname. Changing the CN name of the certificate is done for
SSL hostname verification.
If you are trying from the local machine, do a mapping of the
hostname to ec2 instance ip
Please follow this documentation to refer how to change hostname. https://is.docs.wso2.com/en/5.9.0/setup/changing-the-hostname/
If you are using any loadbalancer, you may need to change proxy port also. Please refer to this documentation, if you are using any load balancer https://is.docs.wso2.com/en/5.9.0/setup/deployment-guide/
Problem Summary:
Hi i have one wildcard ssl which is installed in IIS on AWS EC2 instance.
This is working fine
Now i need to create another EC2 instance and use same ssl to the new instance IIS.
Current Stage:
I created new instance and installed IIS and working fine. I have http and https inbound access so currently i can access default IIS page from outside with instance public address.
Now i installed same SSL certificate in the IIS. I configured ssl in my new website and done. But this is not working. When i try with https i got 404.
Please help me to identify the issues.
Any restriction to use wildcard in multiple instances' IIS in same account
Any correct method to do this? I don't dont want load balancer now
Update:
I tried to configure in my local machine.
Step 1: I created a sample WebAPI and run in 8090 port with http. It shows like below as expected.
Step 2: I added https bindings with my ssl certificate but not gave any host name.
Step 3: Now I added sample host name (ssltest.mydomain)
I didn't get any idea on this. Please help
Any restriction to use wildcard in multiple instances' IIS in same account
There are no restrictions on how often a certificate can be used
Any correct method to do this?
There is nothing special about it, i.e. there is no difference between installing two different certificates on two hosts or the same certificate on two hosts. You likely did something wrong but it is unclear what exactly.
Note that a HTTP response code 404 actually means that the certificate itself is working since otherwise you would get a certificate error which comes before the HTTP response. So there is likely some misconfiguration which is not related to the certificate.
My iOS software platform runs on AWS Elastic Beanstalk and has a URL we'll call "something.elasticbeanstalk.com". I have a website we'll call "website.com" I purchased and operate the DNS records for through Namecheap. I need to make the URL my iOS client apps use to connect to the server HTTPS since Apple is requiring this soon due to App Transport Security.
WHAT I THINK I'M SUPPOSED TO DO
What I think I'm supposed to do is, create an SSL certificate for "website.com" and apply that SSL certificate to the AWS EB load balancer. Then I need to create a subdomain for "website.com" that redirects traffic to "something.elasticbeanstalk.com". Client apps connect to the subdomain of "website.com" which is now HTTPS and redirects to "something.elsastic.beanstalk.com". Is that correct?
WHAT I'VE DONE SO FAR
So far, I created a SSL certificate for "website.com" using AWS Certificate Manager. For this I had to verify my email address associated with "website.com". I then applied that SSL certificate to my environment's load balancer int the AWS Management Console. After that, I went into Namecheap and followed this guide in the 'Domain Name & AWS 53 Management' section to do it.
I read in this article that I needed to create an alias and/or set up Nameservers in AWS Route53. I tried doing that but don't know what I'm doing and it seems to conflict with the Medium article I linked above that I followed telling me to change the CNAME record for the URL and the Redirect URL record for "website.com".
QUESTION
What do I do from here?
SITUATION
-I have a Parse Server on Elastic Beanstalk with URL “something.elasticbeanstalk.com”
-I have a domain with Namecheap called “website.com”
WHAT I NEEDED
I needed to make my client app connect to an HTTPS address since Apple is requiring it shortly with App Transport Security. Since I couldn’t get an SSL certificate using AWS certificate manager for “something.elasticbeanstalk.com”, I created one for “website.com”. I then needed to have my client app connect to the HTTPS “website.com” which would forward it over to “something.elasticbeanstalk.com”. This satisfied the HTTPS requirements of Apple.
HOW TO DO IT
Make an SSL certificate for “website.com” using AWS Certificate Manager. You will need to confirm the domain via a confirmation email to the administrator for it.
Apple the SSL certificate for “website.com” to the AWS EB Load Balancer. Go to your AWS EB Console, click "configuration", click "Load Balancing" under the "Network Tier" category. Now under the first category which is "Load Balancer", select the SSL record you made and apply it in the "SSL certificate ID" section.
Set a CNAME record for “website.com” with a host of whatever subdomain of “website.com” you want. I chose “data” as my host value and subdomain (so my subdomain is “data.website.com”). Set the value of the CNAME record to “something.elasticbeanstalk.com”. Wait for it to propagate. It’s usually pretty fast but not always.
(I’m unsure if this particular step is proper but it worked for me) Set the serverURL of Parse-Server to “https://something.elasticbeanstalk.com” and the publicServerURL to “https://data.something.com”
In the Parse “initializeWithConfiguration” method in your client app that enables the app to connect to the server, change the server URL to “https://data.something.com/parse”. NOTE: include the “/parse” which is the MOUNT PATH of the parse-server. This value MAY BE DIFFERENT for you depending on how you set it but I set it to “/parse” since that’s what I saw in the Parse-Server docs.
NOTES
-I deleted all Route53 records since they are irrelevant here since “something.com” DNS services are controlled by Namecheap.
-A Redirect URL record in Namecheap is unnecessary
I am new in the Amazon EC2 world, I just created an app, that is located URL like this:
http://ec2-54-123-45-678.compute-1.amazonaws.com:8080
This is generated URL by Amazon EC2.
Now I would need to use my own domain name, so when I would access www.my-domain-name.com, I would like to see the content from
http://ec2-54-123-45-678.compute-1.amazonaws.com:8080
I bought the domain name on Godaddy.
Is there any way to do this in Amazon AWS dashboard or do I need to set it up in Godaddy system?
Thanks
I am answering on a more general level because I stumbled upon this thread when setting my custom domain.
In Amazon I created an instance and associated an IP to that instance. You were able to access it by typing in the amazon url
I actually used Media Temple not GoDaddy, but it will be similar. I went to the zone file and added that public url to the www
And as you can see, here is my blog actually working on the custom domain.
I set the wildcard because that way, no matter what someone types, if it is not set, then they will still see the site.
EDIT
For the root URL you should be entering your elastic IP and setting that as an A record.
First you need to set an ElasticIP for associated to that instance.
Then point the DNS entry of "www" for "my-domain-name.com" to the IP assigned in the step above.
Where you manage your DNS is another thing, can be in GoDaddy or in AWS Route53. You must adjust the delegation DNS in the "my-domain-name.com" register. Ex: your domain can be registered with GoDaddy but its delegation DNS point to Route53 so you can manage the domain from your AWS Console.
In order to setup DNS mapping you can map the existing IP 54.123.45.678 to ex: www.my-domain-name.com.
However, as you are running tomcat which is running at 8080 you need to forward the the request to the tomcat using Apache. So that you can visit www.my-domain-name.com without port 8080. If you are using linux box install Apache, apache-modjk and then configure sites.