Unknown macro: {next_previous_links}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

When creating an API using the API Publisher, you specify the endpoint of its backend implementation in the Implement tab. If you select the endpoint as secured, you are prompted to give credentials in plain-text.

The steps below show how to secure the endpoint's password that is given in plain-text in the UI.

  1. Shut down the server if it is already running and set the element <EnableSecureVault> in the <APIM_HOME>/repository/conf/api-manager.xml file to true. By default, the system stores passwords in configuration files in plain text because this values is set to false. 
  2. Define the synapse property in the synapse.properties file as follows: synapse.xpath.func.extensions=org.wso2.carbon.mediation.security.vault.xpath.SecureVaultLookupXPathFunctionProvider.

  3. Run the cipher tool available in the <APIM_HOME>/bin directory. If you are running Windows, it is the ciphertool.bat file. If you are using the default keystore, give wso2carbon as the primary keystore password when prompted.

    sh ciphertool.sh -Dconfigure
  • No labels
Unknown macro: {next_previous_links2}