Configure API Manager

Overview

This topic describes the steps required to configure the API management features available in Axway API Manager. For an introduction to Axway API Management features, see the API Management Concepts Guide.

Note   API Manager is enabled by default when you install a Complete setup type, or install API Manager and the Quick Start tutorial as part of a Custom setup type. You only need to enable API Manager if Quick Start is not installed with API Manager.

Prerequisites

Before you begin, you must ensure the following:

  • Ensure that both API Manager and API Gateway and are installed. API Manager is a layered product running on API Gateway, which provides the underlying gateway capabilities. API Gateway is a prerequisite product for API Manager.
  • Ensure that an API Gateway Admin Node Manager and an API Gateway instance have been created and started.
  • Ensure that Apache Cassandra is installed and running, and that the Cassandra hosts have been configured in Policy Studio. For more information on installing and configuring Cassandra, see Install Apache Cassandra in the API Gateway Installation Guide.

For more details on installing and starting API Gateway and API Manager, see the API Gateway Installation Guide.

Enable API Manager

Note   If you selected to install API Manager and the Quick Start tutorial, API Manager is enabled by default, and you can skip to the next section. However, if you installed API Manager, but did not install the Quick Start tutorial, you must perform the following steps:
  1. Change to the following directory:

UNIX/Linux

Windows

  1. Run the following command:

For example:

For more details on available options, enter the following:

  1. Enter the Admin Node Manager credentials that you specified when installing the Admin Node Manager.
  2. Enter the API administrator credentials that you specified when installing API Manager.
  1. After the script completes, the API Gateway instance restarts automatically.
Note   You must run setup-apimanager on a newly created API Gateway instance with no group passphrase. You can set a new API Gateway group passphrase after running setup-apimanager on a group configuration without the passphrase.

After changing the group passphrase, you must re-encrypt the API Manager KPS collections using the kpsadmin tool. For more details, see the API Gateway Key Property Store User Guide.

Log into API Manager

  1. Enter the following URL in your browser:
  1. Log in using the API administrator credentials that you specified when installing API Manager, or when prompted by setup-apimanager.
Note   For security reasons, it is recommended that you change the default credentials. For more details, see Administer APIs in API Manager.

Configure signed certificates for API Manager ports

The default certificates used to secure the ports for API Manager and its runtime traffic are self-signed and must not be used in a production system. Instead, you must use a server certificate signed by a trusted Certificate Authority (for example, Verisign). The default certificates are signed by Axway and are for demonstration purposes only.

To configure signed server certificates for these API Manager ports, perform the following steps in Policy Studio:

  1. Add the server certificates signed by a trusted Certificate Authority to the API Gateway certificate store, and ensure that their start and expiry dates are valid. For more details, see Manage X.509 certificates and keys in the API Gateway Policy Developer Guide.
  1. Configure the API Manager port to use the signed server certificate:
    1. Select Environment Configuration > Listeners > API Gateway > API Portal > Ports.
    2. Double-click API Portal Port on the right to open the Configure HTTPS Interface dialog. The default port is 8075.
    3. On the Network tab, click X.509 Certificate to select the signed server certificate.
  2. Configure the API Manager runtime traffic port to use the signed server certificate:
    1. Select Environment Configuration > Listeners > API Gateway > API Manager Traffic > Ports.
    2. Double-click Portal Traffic HTTPS Interface on the right to open the Configure HTTPS Interface dialog. The default port is 8065.
    3. On the Network tab, click X.509 Certificate to select the signed server certificate.

The default self-signed certificate is named CN=Change this for production. The following example shows the default certificate for the API Manager runtime traffic port that you need to change:

For more details on configuring certificates for HTTPS interface ports, see the Configure HTTP services in the API Gateway Policy Developer Guide.

Configure a API Manager monitoring database

To monitor and report on APIs in API Manager, you must perform the following steps:

  1. Configure a JDBC-compliant database used to store historic reports. The following databases are supported:
    • Oracle
    • MySQL
    • Microsoft SQL Server
    • IBM DB2
  2. Configure the API Gateway for monitoring. For example, you must ensure that real-time monitoring is enabled on the API Gateway, and that writing metrics data to the database is enabled.

For more details, see the API Gateway Installation Guide.

Further information

For more details on API Manager configuration, see the following topics:

Related Links