Logo

dev-resources.site

for different kinds of informations.

webMethods Developer portal, elastic search with SSL

Published at
3/2/2023
Categories
api
apimanagement
webmethods
ssl
Author
techcomm_sag
Main Article
https://dev.to/techcommunity/webmethods-developer-portal-elastic-search-with-ssl-2c08
Categories
4 categories in total
api
open
apimanagement
open
webmethods
open
ssl
open
Author
12 person written this
techcomm_sag
open
webMethods Developer portal, elastic search with SSL

products versions - {webMethods Developer Portal 10.11 & above}

Introduction

In this tutorial, we are going to see how we can secure the elastic search shipped along with the Developer portal installation.

Pre-requisite

Install Developer Portal version 10.11 or higher.

Steps to follow

Create tmp folder

[sv@daeapiportal08rh Install]$ mkdir es

[sv@daeapiportal08rh Install]$ cd es/

Create instance yaml file

Create a file with following details (Note: node here refer the machine name)

[sv@daeapiportal08rh es]$ vi instance.yml

instances:

- name: ‘daeapiportal08rh’  
dns: [‘daeapiportal08rh.eur.ad.sag’]
Enter fullscreen mode Exit fullscreen mode

Image description

Generate CA and server certificates

Navigate to the elastic search folder (e.g : ES location /InternalDataStore/) run the following command

[sv@daeapiportal08rh InternalDataStore]$ bin/elasticsearch-certutil cert --keep-ca-key --pem --in ~/Install/es/instance.yml --out ~/Install/es/certs.zip

Unzip the certificates & copy to ES folder

Unzip the certificates using the following command

unzip certs.zip -d ./certs

image

Create a folder inside ES folder & copy the certificates to it

[sv@daeapiportal08rh config]$ mkdir certs

[sv@daeapiportal08rh config]$ cp ~/Install/es/certs/ca/* ~/Install/es/certs/daeapiportal08rh/* certs/

Configure elasticsearch.yml

Add the following lines to your elasticsearch.yml file and remove the duplicate entries

node.name: daeapiportal08.eur.ad.sag
network.host: daeapiportal08.eur.ad.sag
xpack.ml.enabled: false
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.key: certs/daeapiportal08.key
xpack.security.http.ssl.certificate: certs/daeapiportal08.crt
xpack.security.http.ssl.certificate_authorities: certs/ca.crt
xpack.security.transport.ssl.key: certs/daeapiportal08.key
xpack.security.transport.ssl.certificate: certs/daeapiportal08.crt
xpack.security.transport.ssl.certificate_authorities: certs/ca.crt
discovery.seed_hosts: ["daeapiportal08.eur.ad.sag"]
cluster.initial_master_nodes: ["daeapiportal08.eur.ad.sag"]
Enter fullscreen mode Exit fullscreen mode

image

Start & Set built-in user password

[sv@daeapiportal08rh bin]$ ./startup.sh

Run the following command once the ES is started, secure the password somewhere we will need it later.

./elasticsearch-setup-passwords auto -u "https://daeapiportal08rh.eur.ad.sag:9240"

image

Access _cat/nodes API via HTTPS

curl --cacert ~/Install/es/certs/ca/ca.crt -u elastic 'https://daeapiportal08rh.eur.ad.sag:9240/_cat/nodes?v'

image

Add the elastic search https url & Basic Auth details in Developer portal config file

Add the following details in the config(/profiles/CTP/configuration/dpo_wrapper.conf) file

wrapper.java.additional.2000=-Dspring.elasticsearch.uris=https://daeapiportal08rh.eur.ad.sag:9240

wrapper.java.additional.2006=-Dspring.elasticsearch.username=elastic

wrapper.java.additional.2007=-Dspring.elasticsearch.password=m8XnkjtqoyOLVgnU9qU5

image

Once the file is saved, restart the CTP server(/profiles/CTP/bin).

Now you should able to access the Developer Portal UI without any issue.

Useful links | Relevant resources

Configuring SSL, TLS, and HTTPS to secure Elasticsearch, Kibana, Beats, and Logstash | Elastic Blog

Read full topic

apimanagement Article's
30 articles in total
Favicon
Exploring Alternatives to Kong Enterprise for API Management
Favicon
Bruno vs. EchoAPI: A Detailed Comparison of Top API Management Tools
Favicon
9 Top API Management Solutions for a Small Business to Enterprise
Favicon
What is API Management and How It Benefits Your Organization
Favicon
Load testing 3scale
Favicon
Creating a Microsoft SQL Server API in Less Than 5 minutes with DreamFactory
Favicon
10 Reasons for Choosing API7
Favicon
Looking for APISIX Experts? Find API7.ai
Favicon
Is Full Lifecycle API Management Really Dead?
Favicon
Configure two way TLS communication with Developer Portal
Favicon
Why Banking as a Service (BaaS) needs good API management
Favicon
Creating an Expiration Utility for Automatic User Subscription Deactivation in Azure API Management
Favicon
Тhe best stories are yours – part 5
Favicon
Secure and Robust Database Connectors with webMethods.io
Favicon
API Security Alert: Attacker Activity Surges By 400% In Half A Year
Favicon
Compare APIs And Microservices: What’s the Difference
Favicon
How attackers exploit API vulnerabilities and what you can do about it!
Favicon
Connecting Azure API Management with an Azure Function with Azure CLI
Favicon
webMethods Developer portal, elastic search with SSL
Favicon
ChatGPT for API Design
Favicon
2023 and beyond - Top 3 API Platform Trends
Favicon
Software AG API Gateway - The journey to observability
Favicon
Slow or problematic backend? - Bulkhead is here for the rescue
Favicon
What are API Marketplaces and how you can build one using webMethods Developer Portal
Favicon
Design and document APIs faster with Stoplight and webMethods API Management
Favicon
Migrate API Portal 10.7 to Developer Portal 10.11
Favicon
Explaining API Management to your mom
Favicon
Efficient OAuth Authorisation Management in Azure API Management
Favicon
Implementing a Token Store with APIM Authorizations
Favicon
Using SwaggerHub with webMethods API Gateway

Featured ones:

Favicon
Open
abubakersiddique761
Favicon
Open
0x3d_site
Favicon
Open
0x2e_tech
Favicon
Open
0x4c-quest
Favicon
Open
gittech