Default Product Ports

This page describes the default ports used by each runtime of WSO2 API Manager.

Attention

Note that it is recommended to disable the HTTP transport in an API Manager production setup. Using the Bearer token over HTTP is a violation of the OAuth specification and can lead to security vulnerabilities.

Note

If you change the default runtime ports with a port offset, most of the runtime ports change automatically based on the offset.

API-M ports

Listed below are the ports used by the API-M runtime when the port offset is 0.

Default Port Description
9443 Port of the HTTPS servlet transport. The default HTTPS URL of the management console is https://localhost:9443/carbon.
9763 Port of the HTTP servlet transport. The default HTTP URL of the management console is http://localhost:9763/carbon.
10389 Port of the embedded LDAP server.
5672 Port of the internal Message Broker of the API-M runtime.
8280 Port of the Passthrough or NIO HTTP transport.
8243 Port of the Passthrough or NIO HTTPS transport.
9611 TCP port to receive throttling events. This is required when the binary data publisher is used for throttling.
9711 SSL port of the secure transport for receiving throttling events. This is required when the binary data publisher is used for throttling.
9099 Web Socket ports.
8000 Port exposing the Kerberos key distribution center server.
45564 Opened if the membership scheme is multicast.
4000 Opened if the membership scheme is WKA.
11111 The RMIRegistry port. Used to monitor Carbon remotely.
9999 The MIServer port. Used along with the RMIRegistry port when Carbon is monitored from a JMX client that is behind a firewall

Micro Integrator ports

By default, the Micro Integrator is internally configured with a port offset of 10. Listed below are the ports that are effective in the Micro Integrator by default (due to the internal port offset of 10).

Default Port Description
8290 The port of the HTTP Passthrough transport.
8253 The port of the HTTPS Passthrough transport.
9201 The HTTP port of the Management API of WSO2 Micro Integrator.

Configuring the default HTTP port
If required, you can manually change the HTTP port in the deployment.toml file (stored in the MI_HOME/conf folder) as shown below.

[mediation]
internal.http.api.port = http_port

Note: With the default internal port offset, the effective port will be http_port + 10.
9164 The HTTPS port of the Management API of WSO2 Micro Integrator.

Configuring the default HTTPS port
If required, you can manually change the HTTPS port in the deployment.toml file (stored in the MI_HOME/conf folder) as shown below.

[mediation]
internal_https_api_port = https_port

Note: With the default internal port offset, the effective port will be https_port + 10.

Random ports

Certain ports are randomly opened during server startup. This is due to the specific properties and configurations that become effective when the product is started. Note that the IDs of these random ports will change every time the server is started.

  • A random TCP port will open at server startup because the -Dcom.sun.management.jmxremote property is set in the server startup script. This property is used for the JMX monitoring facility in JVM.

  • A random UDP port is opened at server startup due to the log4j appender (SyslogAppender), which is configured in the <PRODUCT_HOME>/repository/conf/log4j2.properties file.

Disabling HTTP Transports

API Manager has two HTTP transports. See below for instructions on how to disable the following:

  1. Passthru (API Traffic) Transport
  2. Servlet (UI Traffic and Admin service access) Transport

Disabling Passthrough Transport

Add the following configuration in the deployment.toml file which resides in the <API-M_HOME>/repository/conf directory.

[transport.passthru_http.listener]
enable = false

Disabling Servlet Transport

  1. Open the <API-M_HOME>/repository/conf/tomcat/catalina-server.xml file.
  2. Locate the Connector with port 9763 as shown below:

    HTTP Transport Receiver

    <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="9763"
        ...
    />
  3. Comment out the HTTP connector section.

Note

You need to restart the server for these changes to take effect.

Top