Configuring the portal to use HTTPS

Developer Services Portal v. 4.16.05

All Apigee recommended Private Cloud installations of the portal require the portal to be behind a load balancer. Therefore, you configure SSL on the load balancer itself, and not on the portal. The procedure that you use to configure SSL is therefore dependent on the load balancer.

See Using TLS on the portal for an overview of using SSL on the portal.

However, if necessary, you can configure SSL on the web server that hosts the portal. By default, Apigee installs the Apache web server.

  1. Obtain your SSL key and certificate.
  2. Ensure that you install mod_ssl as described in Developer Services portal installation by using the command:
    > yum install mod_ssl
  3. Update /etc/httpd/conf/httpd.conf:
    1. If you want to disable HTTP access on port 80, search for 'Listen 80' and comment it out.
    2. Add the following lines at the end of file:
      LoadModule ssl_module modules/
      Listen 443
  4. Setup a virtual host by editing /etc/httpd/conf/vhosts/devportal.conf to add the following:
    <VirtualHost *:443>
    ServerName localhost
    SSLEngine on
    SSLCertificateFile "<public cert path>"
    SSLCertificateKeyFile "<private key path>"
    DocumentRoot "/var/www/html"
    <Directory "/var/www/html">
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    Allow from all

    Also, comment out the existing VirtualHost definition if you do not want to use HTTP.
  5. Because SSL is configured in httpd.conf, you do not need ssl.conf:
    > mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.orig
  6. Restart Apache:
    > service httpd restart
    You might be prompted to enter the passphrase for your key file.

You should be able to access the portal over SSL.