Similar to the HTTP transport, the HTTPS transport is also based on Apache Tomcat's connector implementation. Both the HTTP and HTTPS connector configurations are available in the catalina-server.xml
file (stored in the <PRODUCT_HOME>/repository/conf/tomcat/
directory). The transport class that should be specified for each connector configuration in the catalina-server.xml
file is as follows:
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"/>
See the following topics for instructions on configuring this transport:
Configuring the HTTPS connector parameters
In addition to the configuration parameters supported by the HTTP servlet transport, the HTTPS servlet transport supports the configuration parameters listed below. You can configure these parameters in the catalina-server.xml
file (stored in the <PRODUCT_HOME>/repository/conf/tomcat/
directory). For a complete list of supported parameters, see Apache Tomcat's connector configuration reference.
In transport parameter tables, literals displayed in italic mode under the "Possible Values" column should be considered as fixed literal constant values. Those values can be directly put in transport configurations.
Parameter Name | Description | Required | Possible Values | Default Value |
---|---|---|---|---|
sslProtocol | Transport level security protocol to be used. | No | TLS, SSL | TLS |
keystore | Path to the keystore which should be used for encryption/decryption. | Yes | A valid file path to a keystore file | |
keypass | Password to access the specified keystore. | Yes | A valid password |
Defining multiple tomcat connectors
You have the option of defining multiple tomcat connectors in the catalina-server.xml
file. Note that when you define multiple connectors, all the endpoints of the applications deployed in your WSO2 server will still be exposed through all the connector ports. However, you can configure your load balancer to ensure that only the relevant applications are exposed through the required connector port.
Therefore, you can use multiple connectors to strictly separate the applications deployed in your server as explained below.
See the example given below where two connectors are defined in the
catalina-server.xml
file.<!-- Connector using port 9763 --> <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="9763" ...... ....../> <!-- Connector using port 9764 --> <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="9764" ...... ....../>
- Configure your load balancer so that the relevant applications are exposed through the required connector port.