How can I correctly create a WSO2 ESB API that uses HTTPS instead HTTP as protocol?

Question

I am not so into WSO2 ESB and I have the following doubt.

I have deployed on my Carbon server some APIs, that works fine.

These APIs are using HTTP as protocol. For some reason I have to change it into HTTPS.

My doubs is: have I only to change the protocol attribute (of the resource tag) value form http to https?

<?xml version="1.0" encoding="UTF-8"?>
<api context="/meteo_forecast_weekly_v2/location" name="meteo_forecast_weekly_v2" xmlns="http://ws.apache.org/ns/synapse">
    <resource methods="GET" protocol="http" uri-template="/{localizationId}">
        ...............................................................
        ...............................................................
        ...............................................................

Or have I also to configure a certificate in my Carbon server?

EDIT-1: I tryied to do as suggested by BHA but when I do the call in this way I obtain this unknown protocol error:

$ curl -k https://XXX.YYY.ZZZ.WWW:8280/meteo_forecast_weekly_v2/location/1
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

Into the WSO2 stacktrace I obtain this error log:

TID: [-1] [] [2017-11-14 14:46:00,107] ERROR {org.apache.synapse.transport.passthru.SourceHandler} -  HttpException occurred  {org.apache.synapse.transport.passthru.SourceHandler}
org.apache.http.ProtocolException: Invalid request line: ü8Ò�;Cá©h0ß©�ø_¹i°eõ»Ê.,q5© À0À,À(À$ÀÀ
        at org.apache.http.impl.nio.codecs.AbstractMessageParser.parse(AbstractMessageParser.java:208)
        at org.apache.synapse.transport.http.conn.LoggingNHttpServerConnection$LoggingNHttpMessageParser.parse(LoggingNHttpServerConnection.java:407)
        at org.apache.synapse.transport.http.conn.LoggingNHttpServerConnection$LoggingNHttpMessageParser.parse(LoggingNHttpServerConnection.java:381)
        at org.apache.http.impl.nio.DefaultNHttpServerConnection.consumeInput(DefaultNHttpServerConnection.java:265)
        at org.apache.synapse.transport.http.conn.LoggingNHttpServerConnection.consumeInput(LoggingNHttpServerConnection.java:114)
        at org.apache.synapse.transport.passthru.ServerIODispatch.onInputReady(ServerIODispatch.java:82)
        at org.apache.synapse.transport.passthru.ServerIODispatch.onInputReady(ServerIODispatch.java:39)
        at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:113)
        at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)
        at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)
        at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:586)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.http.ParseException: Invalid request line: ü8Ò�;Cá©h0ß©�ø_¹i°eõ»Ê.,q5© À0À,À(À$ÀÀ
        at org.apache.http.message.BasicLineParser.parseRequestLine(BasicLineParser.java:287)
        at org.apache.http.impl.nio.codecs.DefaultHttpRequestParser.createMessage(DefaultHttpRequestParser.java:119)
        at org.apache.http.impl.nio.codecs.DefaultHttpRequestParser.createMessage(DefaultHttpRequestParser.java:51)
        at org.apache.http.impl.nio.codecs.AbstractMessageParser.parseHeadLine(AbstractMessageParser.java:156)
        at org.apache.http.impl.nio.codecs.AbstractMessageParser.parse(AbstractMessageParser.java:206)
        ... 14 more
TID: [-1] [] [2017-11-14 14:46:00,113]  INFO {org.apache.synapse.transport.passthru.SourceHandler} -  Writer null when calling informWriterError {org.apache.synapse.transport.passthru.SourceHandler}

Why? What is the problem?

Answer 1

Yes, you only have to change protocol value. By default ESB uses it's default keystore which is in <ESB_HOME>/repository/reources/security/wso2carbon.jks. When you're in production it's recommended to change the default keystore.