See the following topics for instructions:
Table of Contents
Enabling HTTPS access to the management console
All WSO2 products expose the management console through the default HTTPS transport, which is configured in the
catalina-server.xml file (stored in the
<PRODUCT_HOME>/repository/conf/tomcat directory). This transport must be properly configured in this file for the management console to be accessible.
You can now start the product server and access the management console through HTTP. Use the following URL: http://localhost:<port>/carbon/admin/login.jsp, where
<port> corresponds to the HTTP port configured for the server. The default HTTP port for all WSO2 servers is 9763. However, this may change if a port offset is applied to your server as explained here.
Starting the server without the management console
If you want to provide access to the production environment without allowing any user group (including admin) to log into the management console, execute the following command:
You can grant management console access to selected users by configuring role-based permissions.
When hosting your products in production, it's imperative that you restrict the access to the management console from the external network. Additionally, you may also need to restrict access to other applications. Accessing Carbon applications in your server (including the management console) can be restricted to selected IP addresses. You can use the Tomcat servlet filter (
org.apache.catalina.filters.RemoteAddrFilter) for the purpose of restricting access.