Properties for enabling TLS on Dev Portal (Apigee 4.17.01)

rmishra
Participant V

Hello,

I have Developer portal running over HTTP on 8079. In 4.17.01, it seems that the default http server is nginx.

I looked at http://docs.apigee.com/private-cloud/latest/configuring-portal-use-https . This applies only for Apache.

What's the process for converting to HTTPS when using Nginx, Can i just put a conf.d file for devportal in nginx ? Or do i need to define custom properties in opt/apigee/apigee-drupal-devportal-4.17.01.01-0.0.96/conf/devportal.properties , what are those property names?

The confusion arises because the nginx listen port is defined in the devportal.properties and not in nginx conf.d as i would expect

Thanks for your help

0 6 408
6 REPLIES 6

Not applicable

Hi @rmishra , check my answer here

https://community.apigee.com/questions/42108/how-to-configure-ssl-for-dev-portal-on-premise.html?chi...

and let me know if works for you.

The conf_devportal_nginx_listen_port key is only to change the http port which is in the file apigee-drupal-devportal-nginx.conf.

You can't add SSL properties directly or using CWC in that file and you should created a different nginx conf file for SSL. Refer my answer for more info.

@Maruti Chand

It does work but now how do i do i make the change to disable the default http access.

My goal is to redirect all http traffic to https

I also tried editing /sites/default/settings.php as documented in http://docs.apigee.com/developer-services/content/using-ssl-portal but it didn't work

I have a single Private Cloud installation of Dev Portal (not sitting behind a load balancer)

Not applicable

@rmishra good question.

I haven't tried the below but sharing my thoughts

#1 Present http settings are in /opt/apigee/data/apigee-lb/conf.d/apigee-drupal-devportal-nginx.conf, you can't add a redirect right now using CWC or delete this file as restart creates it again.

#2 This conf is loaded during nginx start as the above is included in the /opt/nginx/conf/nginx.conf as "include /opt/apigee/data/apigee-lb/conf.d/*.conf;"

#3 Just delete that line, cp apigee-drupal-devportal-nginx.conf to default.conf and include this default.conf instead of * in your nginx
(include the SSL one too), now add this return301 https://$host$request_uri; in the server{ } like below

server{
listen 80 default_server;
server_name_;
return 301 https://$host$request_uri;
} 

reload nginx

Let me know how it goes.

@Maruti Chand

Will try, one of the things which is kind of confusing to me is, the files which i can't edit (because they get reset) vs the files which i can

Just this /opt/apigee/data/apigee-lb/conf.d/apigee-drupal-devportal-nginx.conf gets reset, the others should be fine.

I was asking for a more generic pattern. Something which applies to all components