If the directory/file paths specified in this guide do not exist in your WSO2 product, see Directory Structure of WSO2 Products to locate the paths applicable to your product.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Download nginx server.
  2. Install the nginx server in your deployment server by executing the following command:

    Code Block
    titletes
    sudo apt-get install nginx
  3. Create a folder called "ssl" inside /etc/nginx, and create the ssl certificates inside this folder by executing the following commands:

    Code Block
    sudo mkdir /etc/nginx/ssl
    cd /etc/nginx/ssl
  4. The next step is to create the server key and certificates.  First create the private key as shown below. Note that a pass phrase is prompted when creating the private key.

    Code Block
    sudo openssl genrsa -des3 -out server.key 1024
  5. Next, create the certificate signing request as shown below. 

    Code Block
    sudo openssl req -new -key server.key -out server.csr

    Fill in the required details. Most important entry is the Common Name. Enter the domain name or the ip address if there is no domain name.  

  6.   Next step is to sign the SSL certificate using the following command:

    Code Block
    sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

    The certificate is now created.

  7. The last step is to set up the virtual host displaying the new certificate.  Create a copy of the default, " sites-enabled" configuration using the following command:

    Code Block
    sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/wso2
  8. Now, create a symbolic between the " sites-enabled" directory and the "sites-available" directory using the following command:

    Code Block
    sudo ln -s /etc/nginx/sites-available/wso2 /etc/nginx/sites-enabled/wso2

    The host is now activated.

  9. Open the /etc/nginx/sites-enabled/wso2 file and enter the following configurations.

    Code Block
    #Configurations for listener 8243.
    server {
    	listen 8243;
     	server_name wso2test.com;
     	client_max_body_size 100M;
     
     	root /usr/share/nginx/www;
     	index index.html index.htm;
     
     	ssl on;
     	ssl_certificate /etc/nginx/ssl/server.crt;
     	ssl_certificate_key /etc/nginx/ssl/server.key;
     
    	#with portOffset 0 running AS
    	location /appserver/ {
    		proxy_pass https://wso2test.com:9443/;
    		proxy_redirect https://wso2test.com:8243/ https://wso2test.com:8243/appserver/;
    		proxy_cookie_path / /appserver;
    	}
     
    	#with portOffset 10 running ESB
    	location /esb/ {
    		proxy_pass https://wso2test.com:9453/;
    		proxy_redirect https://wso2test.com:8243/ https://wso2test.com:8243/esb/;
    		proxy_cookie_path / /esb;
    	}
    }
    
    #Configurations for listener 8280.
    server {
    	listen 8280;
     	server_name wso2test.com;
     	client_max_body_size 100M;
     
     	root /usr/share/nginx/www;
     	index index.html index.htm;
     
    	#with portOffset 0 running AS
    	location /appserver/ {
    		proxy_pass http://wso2test.com:9763/;
    		proxy_redirect http://wso2test.com:8280/ http://wso2test.com:8280/appserver/;
    		proxy_cookie_path / /appserver;
    	}
     
    	#with portOffset 10 running ESB
    	location /esb/ {
    		proxy_pass http://wso2test.com:9773/;
    		proxy_redirect http://wso2test.com:8280/ http://wso2test.com:8280/esb/;
    		proxy_cookie_path / /esb;
    	}
    }
    Note

    According to the nginx configuration, https requests with the /appserver/* pattern are directed to the /* pattern and then when the service is served to the client, it resolves the url pattern to /appserver/*. This works the same for http requests.

  10. Save the file and restart the nginx server using the following command to complete the nginx configuration:

    Code Block
    sudo service nginx restart
  11. In the above configuration, the https and http requests are listening on 8243 and 8280 ports respectively. Server name is set to wso2test.com. To test this in a local machine, you need to add wso2test.com and as.wso2.com to the /etc/hosts file as shown below.

    Code Block
    127.0.0.1  wso2test.com 
    127.0.0.1  as.wso2test.com
    127.0.0.1  esb.wso2test.com

...