If the directory/file paths specified in this guide do not exist in your WSO2 product, see Directory Structure of WSO2 Products to locate the paths applicable to your product.
Administration Guide 4.4.x
||
Skip to end of metadata
Go to start of metadata

Similar to the HTTP transport, the HTTPS transport is also based on Apache Tomcat's connector implementation. Both the HTTP and HTTPS connector configurations are available in the catalina-server.xml file (stored in the <PRODUCT_HOME>/repository/conf/tomcat/ directory). The transport class that should be specified for each connector configuration in the catalina-server.xml file is as follows:

<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"/>

See the following topics for instructions on configuring this transport:

Configuring the HTTPS connector parameters

In addition to the configuration parameters supported by the HTTP servlet transport, the HTTPS servlet transport supports the configuration parameters listed below. You can configure these parameters in the catalina-server.xml file (stored in the <PRODUCT_HOME>/repository/conf/tomcat/ directory). For a complete list of supported parameters, see Apache Tomcat's connector configuration reference.

In transport parameter tables, literals displayed in italic mode under the "Possible Values" column should be considered as fixed literal constant values. Those values can be directly put in transport configurations.

Parameter Name

Description

Required

Possible Values

Default Value

sslProtocol

Transport level security protocol to be used.

No

TLS, SSL

TLS

keystore

Path to the keystore which should be used for encryption/decryption.

Yes

A valid file path to a keystore file


keypass

Password to access the specified keystore.

Yes

A valid password


Defining multiple tomcat connectors

You have the option of defining multiple tomcat connectors in the catalina-server.xml file. Note that when you define multiple connectors, all the endpoints of the applications deployed in your WSO2 server will still be exposed through all the connector ports. However, you can configure your load balancer to ensure that only the relevant applications are exposed through the required connector port.

Therefore, you can use multiple connectors to strictly separate the applications deployed in your server as explained below.

  1. See the example given below where two connectors are defined in the catalina-server.xml file.

    <!-- Connector using port 9763 -->
 <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
                   port="9763"
                   ......
                   ....../>
<!-- Connector using port 9764 -->
 <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
                   port="9764"
                   ......
                   ....../>
  2. Configure your load balancer so that the relevant applications are exposed through the required connector port.
  • No labels
||