如何在WSO2 APIM Analytic 3.0.0中配置SSL？

Question

我正在Docker上使用WSO2 APIM（source am）和WSO2 APIM Analytic（source worker和source dashboard）。

我正在寻找更改WSO2 Analytics证书的解决方案。

我知道这个新版本，我们需要配置deploy.yaml文件。但是似乎很难理解。而且我不知道我需要配置哪个元素。有两个可疑元素，它们具有keystore属性：

databridge.config:
    # No of worker threads to consume events
    # THIS IS A MANDATORY FIELD
  workerThreads: 10
    # Maximum amount of messages that can be queued internally in MB
    # THIS IS A MANDATORY FIELD
  maxEventBufferCapacity: 10000000
    # Queue size; the maximum number of events that can be stored in the queue
    # THIS IS A MANDATORY FIELD
  eventBufferSize: 2000
    # Keystore file path
    # THIS IS A MANDATORY FIELD
  keyStoreLocation : ${sys:carbon.home}/resources/security/wso2carbon.jks
    # Keystore password
    # THIS IS A MANDATORY FIELD
  keyStorePassword : wso2carbon
    # Session Timeout value in mins
    # THIS IS A MANDATORY FIELD
  clientTimeoutMin: 30
    # Data receiver configurations
    # THIS IS A MANDATORY FIELD
  dataReceivers:
  -
      # Data receiver configuration
    dataReceiver:
        # Data receiver type
        # THIS IS A MANDATORY FIELD
      type: Thrift
        # Data receiver properties
      properties:
        tcpPort: '7611'
        sslPort: '7711'

  -
      # Data receiver configuration
    dataReceiver:
        # Data receiver type
        # THIS IS A MANDATORY FIELD
      type: Binary
        # Data receiver properties
      properties:
        tcpPort: '9611'
        sslPort: '9711'
        tcpReceiverThreadPoolSize: '100'
        sslReceiverThreadPoolSize: '100'
        hostName: 0.0.0.0

和

 wso2.transport.http:
  transportProperties:
    - name: "server.bootstrap.socket.timeout"
      value: 60
    - name: "client.bootstrap.socket.timeout"
      value: 60
    - name: "latency.metrics.enabled"
      value: true

  listenerConfigurations:
    - id: "default-https"
      host: "0.0.0.0"
      port: 9643
      scheme: https
      keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks"
      keyStorePassword: wso2carbon
      certPass: wso2carbon

那我应该配置什么呢？

非常感谢您。

Answer 1

您可以执行以下操作。

1. 创建新证书
2. 创建一个名为wso2carbon.jks的新密钥库。
3. 用位于wso2am-analytics-3.0.0 / resources / security位置中的现有密钥库替换新的密钥库wso2carbon.jks。
4. 将新证书添加到位于wso2am-analytics-3.0.0 / resources / security位置的clien-trustore.jks文件中。

您可以在https://docs.wso2.com/display/ADMIN44x/Creating+New+Keystores

中找到文档。

Answer 2

您应该能够实现以下目标。

1）对于工作人员资料

databridge.config:
&
listenerConfigurations :   id: "msf4j-https"

2）对于仪表板配置文件

listenerConfigurations: id: "default-https"