For the showcase purpose I will be using the store application which resides inside WSO2 API Manager 2.1.0
Following are API Manager specific configs which needs to be done.
1. Set proxyPort attribute for connector configs resides in <AM_HOME>/repository/conf/tomcat/catalina-server.xml file.
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
port="9763"
redirectPort="9443"
proxyPort="80"
bindOnInit="false"
maxHttpHeaderSize="8192"
/>
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
port="9443"
proxyPort="443"
bindOnInit="false"
sslProtocol="TLS"
maxHttpHeaderSize="8192"
/>
Note that I have removed some attributes for brevity.
2. Update reverseProxy configuration resides inside <AM_HOME>/repository/deployment/server/jaggeryapps/store/site/conf/site.json
"reverseProxy" : {
"enabled" : true,
"host" : "localhost",
"context":"",
}
After above changes start/restart the AM node.
Now the Nginx configuration,
Make sure to generate and store SSL certificate and the key within /etc/nginx/ssl directory.
For the explanation purpose I will be having two server blocks, which can be consolidated to a one.
server{
listen 80;
server_name localhost;
location / {
proxy_pass http://localhost:9763/store/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
include /etc/nginx/proxy_params;
proxy_cookie_path ~*^/.* /;
}
}
server{
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
server_name localhost;
location / {
proxy_pass https://localhost:9443/store/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
include /etc/nginx/proxy_params;
proxy_cookie_path ~*^/.* /;
}
}
After reloading the newly added config browse https://localhost or https://localhost,