Versions Compared

Old Version 18

changes.mady.by.user Former user

Saved on

compared with

New Version 19

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

If you have a backend with a self-signed certificate (or a certificate which is not signed by a CA) you need to import it to the client-truststore and restart the server. This feature enables you to upload the backend certificate through API Publisher while creating or editing your API. Follow the steps below to add a new certificate to any endpoint. Note that this feature supports only HTTP/REST and HTTP/SOAP endpoints.

Warning

This is available only as a WUM update and is effective from 27th November 2017 (2017-11-27). For more information on updating WSO2 API Manager, see Updating WSO2 Products.

...

Note

This feature currently supports only the the following formats for keystores and certificates.

  • Keystore : .jks
  • Certificate : .crt

If you need to use a certificate in any other format, you can convert it using a standard tool before uploading.

Info

After configuring, the certificate will be added to the Gateway nodes which are defined under the Environments in api-manager.xml. In a clustered setup, clustering setup, as gateway configurations are identical, sync the <APIM_HOME>/repository/resources/security/sslprofiles.xml file and the and <APIM_HOME>/repository/resources/security/client-truststore.jks should be synced between all the Gateway and Publisher jks among the gateway nodes. After the configured interval, the synapse transport will be reloaded in all the gateway nodes.

Adding a certificate

...