This repository contains Kubernetes and Helm Resources for container-based deployments of WSO2 API Management.
The JWKS endpoint of the API Manager has the external facing hostname by default. This is not routable. To resolve this, you can alter the JWKS endpoint in the API Manager to use the API Manager's internal service name in Kubernetes.
- Log into Admin portal - https://am.wso2.com/admin/
- Navigate to Key Managers section and select the Resident Key Manager.
- Change the JWKS URL in the Certificates section to
https://<cp-lb-service-name>:9443/oauth2/jwks
To verify connecting peers API Manager use wso2carbon certificate. By default this only allows peers from localhost domain to connect. To allow connections from different domains you need to create a certificate with the allowed domain name list and add it to API Manager keystores. This can be done by mounting a volume with the modified keystores. You can find the APIM Manager keystores inside the ~/wso2am-4.2.0/repository/resources/security/ directory.
We encourage you to report any issues and documentation faults regarding Kubernetes and Helm resources for WSO2 API Management. Please report your issues here.
WSO2 developers can be contacted via the following mailing lists:
- WSO2 Developers Mailing List : [email protected]
- WSO2 Architecture Mailing List : [email protected]