Skip to main content

Setting up HTTPS for the REST API

You can use Apache Web Server (httpd) version 2.2.16 or later to provide HTTPS for the Incentives REST API.

Make sure you have Apache web server installed. To use HTTPS, you must have an HTTPS certificate and private key, in the PEM format, for the domain on which you want to host the REST API.

  1. Navigate to the following location:

    C:\Program Files\Apache Software Foundation\Apache2.2.16\conf

  2. Open the httpd.conf file.

  3. Uncomment out these lines:

    Note

    These lines are not consecutive.

    #LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule ssl_module modules/mod_ssl.so

  4. Add these lines to the file:

    Listen 443
<VirtualHost *:443>
   ServerName localhost
   ProxyTimeout 1800
   SSLEngine on
   SSLCertificateKeyFile "PATH_TO_KEY"
   SSLCertificateFile "PATH_TO_CERT"
   SSLProtocol all -SSLv2 -SSLv3
   SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
   ProxyPass /api/ http://localhost:8080/api/
   ProxyPassReverse /api/ http://localhost:8080/api/

<Directory "c:/Program Files/Apache2.2.34/Apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride None    
Order allow,deny
Allow from all
DirectoryIndex index.html   
FallbackResource /index.html
</Directory>

</VirtualHost>

  5. Set the ServerName value to the domain on which the REST API will be posted.

  6. Set the SSLCertificateKeyFile value to the path to your certificate's private key.

    For example, C:/<path to>/YOUR_KEY.key.

  7. Set the SSLCertificateFile value to the path to your certificate.

    For example, C:/<path to>/YOUR_CERT.crt

  8. Save the httpd.conf file.

  9. Restart the Apache Web Service.

Access the REST API through the domain you configured and update the admin web applicationAPI_URL value to this new location.