Try WSO2 Cloud for Free
Sign in
||
Skip to end of metadata
Go to start of metadata

In WSO2 API Cloud, the default base URL for the API Store is https://api.cloud.wso2.com. Subscribers invoke the APIs published in this store through the API Gateway component. Therefore, the default base URL of the APIs is http(s)://gateway.api.cloud.wso2.com.

You can use customized URLs that are more representative of your company or personal branding instead of using the default URLs.

The following sections describe how to customize URLs:

Customize the API Store URL

Customizing the API Store URL makes your API store easier to find. It is a quick and efficient way to differentiate your API Store from all the other API Stores in WSO2 Cloud. Moreover, your company URL is an important part of your developer community experience and subscribers enter the API Store URL into a browser to get to your API Store.

  1. Log in to the API Cloud as the tenant admin.
    In the API Publisher, click Configure and select Custom URL from the drop-down menu.

    Click Modify and enter the API Store custom URL. In this example, we use developers-test.wso2stagingapps.com.
    You can create a custom domain name, SSL certificates, and DNS records. For more information, see Create SSL certificates and DNS records.

    Click Verify to check whether a CNAME record exists for this URL.
    If the CNAME verification is successful, you are prompted for the SSL certificates. Upload the files that you created and click Proceed.

    The certificate files must satisfy the following requirements:

    FileRequirements
    SSL certificateThis is the certificate you got in step 6. It must satisfy the following requirements:
    • In X509 format

    • Not expired

    • Issued directly or by a wild card entry for a provided custom URL. For example,

      • In the direct method, if the CNAME is store.wso2.com, the issued SSL file must contain store.wso2.com.

      • In the wildcard method, if the CNAME is store.wso2.com, the issued SSL file should be *.wso2.com.

    SSL Key FileThe private key of the certificate that you got in step 2 of Create SSL certificates and DNS records. It must be encrypted in the RSA format.

    Note that you receive a notification saying "Custom URL mapping is successfully added" if the files are uploaded successfully.

    Tip: Wait approximately 10 minutes for the changes to take effect. Adding the configurations and restarting the load balancers can take some time.

    You have successfully changed the API Store domain name to a custom value.

  2. Access the API Store using your new URL. In this example, the new API Store URL is https://developers-test.wso2stagingapps.com.

Customize the API Gateway URL

Rather than using the default URL that WSO2 API Manager generates for your Gateway URL, you can have a customized Gateway URL that is more representative of your company or personal branding. You can also route your traffic to a different AWS region. 

WSO2 API Cloud currently supports regional gateways in Canada, US East, US West, Brazil (São Paulo), EU (Ireland), EU (Frankfurt), UK (London), Singapore, Tokyo, Sydney, Seoul, and Mumbai. The default region is US East. You can choose your region from the available options. Region selection requires you to use a custom URL for your gateway. To use multiple regions, contact WSO2 API Cloud support via a support request or chat.

Follow the steps below to customize your API Gateway URL.

  1. Log in to the API Cloud as the tenant admin.
  2. In the API Publisher, click Configure and select Custom URL from the drop-down menu.
  3. Click Modify to change the existing domain.

  4. Select the preferred region from the drop-down list.

  5. Selecting a different region other than the default gateway (US East) requires the Getting Traction or a higher subscription plan. If you have a trial account or a Starter plan, please upgrade your account.
  6. Note the new domain name updated in the UI.
  7. Enter the API Gateway custom URL. In this example, we use developers-test-gateway.wso2stagingapps.com.

  8. Click Verify to check whether a CNAME record exists for this URL.

  9. If the CNAME verification is successful, you are prompted for the SSL certificates. Upload the files that you created and click Proceed.

    The certificate files should satisfy the following requirements:

    FileRequirements
    SSL certificateThe certificate you got in step 6. It must satisfy the following requirements:
    • In X509 format

    • Not self signed

    • Not expired

    • Issued directly or by a wild card entry for a provided custom URL. For example,

      • In the direct method, if the CNAME is store.wso2.com, the issued SSL file must contain store.wso2.com.

      • In the wildcard method, if the CNAME is store.wso2.com, the issued SSL file should be *.wso2.com.

    SSL Key FileThe private key of the certificate that you got in step 2 of Create SSL certificates and DNS records. It must be encrypted in the RSA format.
    Chain FileThe public key of the certificate that you got in step 5 of Create SSL certificates and DNS records. If the public key is included in the SSL file, extract it to a chain file.

     Note that you receive a notification saying "Custom URL mapping is successfully added" if the files are successfully uploaded.

    Tip: Wait approximately 10 minutes for the changes to take effect as adding the configurations and restarting the load balancers can take some time.

    If you have selected a region that requires additional configurations, you see the following message followed by an email with instructions.

    The Cloud team will contact you via email once the regional gateway is ready with the custom URL you have added.

  10. Once the configurations above are successful, you can visit the API Store, select an API and note the new API URLs in its Overview page. This changes according the new API Gateway URL.

Create SSL certificates and DNS records

This tutorial explains how you can generate DNS records and SSL certificates to configure a custom URL for WSO2 API Cloud.

  1. Install an SSL key generation tool. OpenSSL is used in this tutorial.

  2. Using the command-line, navigate to a location of your choice in the server and execute the following command to generate a private SSL key by the name private.key.

    openssl genrsa -out private.key 2048

    Note that the key file is generated in your folder location.

  3. In the command-line, execute the following command to generate a certificate signing request file for your custom URL. Be sure to change the business address in this command to your own.

    openssl req -new -key private.key -sha256 -nodes -out request.csr -subj "/C=US/ST=California/L=Mountain View/O=WSO2/OU=IT/CN=developers.mytesturl.info"

    Note that the certificate signing request file is generated in your folder location.

  4. Go to a certificate vendor of your choice and use the certificate signing request file to obtain a certificate for your domain. Any certificate that is accepted by browsers work. We used https://www.comodo.com/ as the certificate authority in this tutorial.

    When you are done, you typically receive an email with the certificate for your domain along with the certificate authority's root and intermediate certificates. Some certificate authorities provide the root and intermediate files as a single chain file, some others provide multiple files, and some others provide none.

  5. If you received multiple root and intermediate files from your certificate authority, use the cat utility (available in Unix and Unix-based operating systems) to concatenate them to a single chain file (chain.crt). For example,

    cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > chain.crt

    Tip: Do the following to concatenate the certificate files if you are using Microsoft Windows:

    • Open all certificate files except your domain certificate in a text editor like the notepad.

    • Create a new blank text file.

    • Copy the contents of all files in the reverse order and paste them into the new text file. For example, copy intermediate 3, intermediate 2, intermediate 1, and then the root certificate.

    • Save the newly created file (say chain.crt).

    Note that the chain.crt file should have content in the following order: 

    -----BEGIN CERTIFICATE-----
    (Your Intermediate certificate: COMODORSADomainValidationSecureServerCA.crt)
    -----END CERTIFICATE----- 
    
    -----BEGIN CERTIFICATE-----
    (Your Intermediate certificate: COMODORSAAddTrustCA.crt)
    -----END CERTIFICATE-----
    
    -----BEGIN CERTIFICATE-----
    (Your Root certificate: AddTrustExternalCARoot.crt)
    -----END CERTIFICATE-----
  6. Reserve a domain name with any domain registrar and create DNS CNAME records that map the domain to your API Store and Gateway URLs.

    Tip: Most domain registrars provide step-by-step instructions in their websites. For your convenience, we have listed the general steps below.

     Expand to see the listed steps
    • Sign in to the domain registrar’s site.
    • Navigate to your Domain Name Server (DNS) management page. The location and name of this page vary by the host, but can generally be found under the 'Domain Management' or 'Advanced Settings' section.
    • Find the CNAME settings. Under the 'CNAME value or alias,' enter the subdomain that you'd like to map each URL to. The subdomain of developers.mytesturl.info is developers.
    • Set the CNAME destination to the API Cloud's custom DNS endpoint, which is customdns.api.cloud.wso2.com. When configuring custom url for API gateway, if you select a region different than the default region ( US East ) remember to set the CNAME destination according to the following table.



    We allow to use self-signed certificates for educational purposes and for internal usages, but we do not recommend to use self-signed certs.

    You now have the SSL certificates and DNS records that you require to configure a custom URL for the API Cloud.

  • No labels