This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Prerequisites for the Production Environment

Owned by Former user (Deleted)
Last updated: Dec 09, 2020
3 min read

Before you try out WSO2 Open Banking in a production environment, check if the following prerequisites are satisfied accordingly:

Change the default credentials

The default username and password are set as “admin” for the Administrator user in WSO2 Open Banking. Therefore, it is recommended to change the default username and password. You can do it by following the steps below:

  1. Sign in to the Identity and Access Management console at https://<WSO2_OB_IAM_HOST>:9446/carbon.
  2. Click Configure -> User Management -> Users, and Change Password.

Configure the hostname

Usually, WSO2 Open Banking solution finds the hostname of the current machine through the Java API. But it is recommended to configure the hostname for WSO2 Open Banking Identity and Access Management (WSO2 OB IAM) and WSO2 Open Banking API Management (WSO2 OB APIM) servers as follows:

Also, when following the Deployment Guide, you need to change the hostnames accordingly. 

Configure the default ports

When you run multiple WSO2 products, multiple instances of the same product, or multiple WSO2 product clusters on the same server or virtual machines (VMs), you must change their default ports with an offset value to avoid port conflicts.

Port Offset

The port offset defines the number by which all ports defined in the runtime such as the HTTP/S ports will be offset. For example, if the HTTP port is defined as 9763 and the port offset is 1, the effective HTTP port will be 9764. Therefore, for each additional WSO2 product, instance, or cluster you add to a server, set the port offset to a unique value (the default is 0).

 Click here to find the list of default ports in WSO2 Open Banking when the port offset is 0...

Common ports

The following ports are common to all WSO2 products that provide the given feature. Some features are bundled in the WSO2 Carbon platform itself and therefore are available in all WSO2 products by default.

Management console ports

WSO2 products that provide a management console (except WSO2 Enterprise Integrator) use the following servlet transport ports:

  • 9443 - HTTPS servlet transport (the default URL of the management console is https://localhost:9443/carbon)
  • 9763 - HTTP servlet transport

WSO2 Enterprise Integrator (WSO2 EI) uses the following ports to access the management console:

  • 9443 - HTTPS servlet transport for the ESB runtime (the default URL of the management console is https://localhost:9443/carbon)
  • 9445 - HTTPS servlet transport for the EI-Business Process runtime (the default URL of the management console is https://localhost:9445/carbon)
  • 9444 - Used for the EI-Analytics management console
LDAP server ports

Provided by default in the WSO2 Carbon platform.

  • 10389 - Used in WSO2 products that provide an embedded LDAP server
JMX monitoring ports

WSO2 Carbon platform uses TCP ports to monitor a running Carbon instance using a JMX client such as JConsole. By default, JMX is enabled in all products as follows. You can:

  • Configure ports for JMX-based monitoring
  • Disable JMX-based monitoring
  • Enable JMX for a datasource
  • Monitor WSO2 OB IAM and WSO2 OB APIM servers with JConsole
  • Monitor WSO2 OB IAM and WSO2 OB APIM servers with Jolokia

Let's see how to achieve each of the above tasks in WSO2 OB IAM and WSO2 OB APIM servers:

Clustering ports

To cluster any running Carbon instance, either one of the following ports must be opened.

  • 45564 - Opened if the membership scheme is multicast
  • 4000 - Opened if the membership scheme is Well-Known Address (WKA)
Random ports

Certain ports are randomly opened during server startup. This is due to the specific properties and configurations that become effective when the product is started. Note that the IDs of these random ports will change every time the server is started.

  • A random TCP port will open at server startup because of the -Dcom.sun.management.jmxremote property set in the server startup script. This property is used for the JMX monitoring facility in JVM.
  • A random UDP port is opened at server startup due to the log4j appender (SyslogAppender), which is configured in the <WSO2_OB_IAM_HOME>/repository/conf/log4j.properties and <WSO2_OB_APIM_HOME>/repository/conf/log4j.properties files.

Configuring solution-specific ports

In order to configure ports for the WSO2 Open Banking solution, see here.


Check the compatibility for JVM version

  • The recommended version is JDK 1.8.
  • Set the appropriate heap values for JVM based on your deployment scenario. The values can be customized in the wso2server.sh file in the <WSO2_OB_IAM_HOME>/bin and <WSO2_OB_APIM_HOME>/bin directories. As an example, java heap values are mentioned as -Xms256m -Xmx1024m in <WSO2_OB_APIM_HOME>/bin/wso2server.sh.