I am trying to disable SSL\HTTPS in WSO2 API Manager 3.1.0 but it always redirects to https endpoint during authentication. How to make it work only on http so that i can configure SSL off loading in load balancer ?
Related
I am getting SSL errors whenever SSL certificates on backend are updated. Is there a way to disable the SSL verification in wso2 api manager gateway
It is not recommended to disable SSL verification for an HTTPS endpoint. It is mandatory to import the backend certificate to the client-trustore file. It is better to use an HTTP endpoint instead of an HTTPS endpoint in these kinds of scenarios.
We have two API servers running in HA mode i.e. same set of services are running on both VMs with same environment. We would like to use WSO2 APIM for API Security but the problem is that we have not been able to find how to use HA routing services in WSO2 APIM.
E.g.
API Server 1- http://192.168.0.2/getCustomerDetails
API Server 2- http://192.168.0.3/getCustomerDetails
API Gateway- 192.168.0.10
Once registered on API Gateway the service endpoints become-
URL1- https://192.168.0.10:8243/getCustInfo1
[edit]
URL2- https://192.168.0.10:8243/getCustInfo2
Now the question is how does WSO2 APIM decides where to route the request i.e. URL1 or URL2 for accessing the same business service? Or there is some concept like virtual ip usage in WSO2 APIM?
You don't have to create 2 APIs in API Manager for your 2 backend URLs. Create a single API and use Load Balancing or Failover Endpoints[1].
[1] https://apim.docs.wso2.com/en/latest/Learn/DesignAPI/Endpoints/high-availability-for-endpoints/
I can make HTTP REST call inside a BPM Process. How do I do a secure HTTPS call. In Oracle I have to add the certificate to a wallet and then make the call. So how do you do that in WSO2 as it fails if I change the URL from HTTP to HTTPS ?
You have to import the certificates to client-truststore as in this documentation.
I have created https based api in one of the wso2 esb 5.0.0 server, so now I want to call this https api from another wso2 esb 5.0.0.server. But I am getting SSL certificate error when calling https api from another wso2 esb server.
I have tried after importing localhost and wso2carbon certificates into client trust store and also wso2carbon key stores but no luck.
Does anyone tried ?
I've read source code of wso2 greg, and find that there is a tomcat embedded in it, and there are two connectors: http with port 9763 and https with port 9443. But when I type the url [http://localhost:9763/carbon] in browser, it redirect to https automatically. While I can't find the related source code about the redirecting.
Can anybody help?
thx
The Management Console (UI) of all WSO2 Carbon based products communicate with backend web service called AdminService. These services are secured and that's why it can be accessed only through https.
More info - http://charithaka.blogspot.com/2013/06/invoking-wso2-carbon-admin-services.html