Use these artifacts as a reference to build your deployment artifacts. Existing artifacts are only developed to demonstrate a reference deployment and should not be used as is in production.
This repository contains Kubernetes and Helm Resources for container-based deployments of WSO2 API Management.
The JWKS endpoint of the API Manager has the external facing hostname by default. This is not routable. To resolve this, you can alter the JWKS endpoint in the API Manager to use the API Manager's internal service name in Kubernetes.
- Log into Admin portal - https://am.wso2.com/admin/
- Navigate to Key Managers section and select the Resident Key Manager.
- Change the JWKS URL in the Certificates section to
https://<cp-lb-service-name>:9443/oauth2/jwks
To verify connecting peers API Manager use wso2carbon certificate. By default this only allows peers from localhost domain to connect. To allow connections from different domains you need to create a certificate with the allowed domain name list and add it to API Manager keystores. This can be done by mounting a volume with the modified keystores. You can find the APIM Manager keystores inside the ~/wso2am-4.2.0/repository/resources/security/ directory.
We encourage you to report any issues and documentation faults regarding Kubernetes and Helm resources for WSO2 API Management. Please report your issues here.
WSO2 developers can be contacted via the following mailing lists:
- WSO2 Developers Mailing List : dev@wso2.org
- WSO2 Architecture Mailing List : architecture@wso2.org