Securing Developer Portal and webMethods API Gateway communication

When you configure a Developer Portal instance as one of the destinations from webMethods API Gateway, you can enable two-way SSL for the communication between both components.

Before you begin

Configure the secured communication with Developer Portal when you specify it as a destination in webMethods API Gateway. For more information, see How do I Configure a Secure Communication Channel between API Gateway and Developer Portal? section from the API Gateway Administration Guide.

About this task

To achieve two-way security between Developer Portal and webMethods API Gateway, specify the security certificate details for both components in the dpo_wrapper.config configuration file.
Note: For OCP deployments, you can perform the security configurations in the custom_wrapper.conf configuration file.

Procedure

Go to the DPOInstalledLocation\DeveloperPortal\configuration folder, open the dpo_wrapper.config file, add the following entry, and save the changes.
wrapper.java.additional.2200=-Dportal.datastore.uris=http://opensearch:9200
wrapper.java.additional.2201=-Djavax.net.ssl.apigateway.keyStore=Keystore_location
wrapper.java.additional.2202=-Djavax.net.ssl.apigateway.keyStorePassword=Keystore_password
wrapper.java.additional.2203=-Djavax.net.ssl.apigateway.trustStore=Truststore_location
wrapper.java.additional.2204=-Djavax.net.ssl.apigateway.trustStorePassword=Truststore_password
where,
Keystore_location
Location of the Developer Portal keystore file.
Keystore_password
Password to access the Developer Portal keystore file.
Truststore_location
Location of the Developer Portal truststore file.
Note: Make sure that the truststore file includes the details of the target component certificates.
Truststore_password
Password to access the Developer Portal truststore file.
Sample
wrapper.java.additional.2200=-Dportal.datastore.uris=http://opensearch:9200
wrapper.java.additional.2201=-Djavax.net.ssl.apigateway.keyStore=C:\Installer\DeveloperPortal\configuration\client-keystore.jks
wrapper.java.additional.2202=-Djavax.net.ssl.apigateway.keyStorePassword=changeit
wrapper.java.additional.2203=-Djavax.net.ssl.apigateway.trustStore=C:\Installer\DeveloperPortal\configuration\client-truststore.jks
wrapper.java.additional.2204=-Djavax.net.ssl.apigateway.trustStorePassword=changeit
SSL is enabled for the communication between the Developer Portal and webMethods API Gateway.