From c1cc604bbb2a5cb6efe5f551fe4b1a76a6faa759 Mon Sep 17 00:00:00 2001
From: Pavel Jares <Pavel.Jares@broadcom.com>
Date: Mon, 27 May 2024 12:36:16 +0200
Subject: [PATCH 1/3] fix

Signed-off-by: Pavel Jares <Pavel.Jares@broadcom.com>
---
 .../main/java/org/zowe/apiml/gateway/config/GatewayConfig.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java b/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java
index ff6e682027..f73b1b3d32 100644
--- a/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java
+++ b/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java
@@ -87,6 +87,7 @@ public EurekaInstanceConfigBean eurekaInstanceConfigBean(InetUtils inetUtils,
             .parseInt(getEnabledPort(env));
 
         boolean isSecurePortEnabled = Boolean.parseBoolean(getProperty("server.ssl.enabled"));
+        boolean attls = Boolean.valueOf(getProperty("server.attls.enabled"));
         instance.setNonSecurePort(isSecurePortEnabled ? 0 : serverPort);
         instance.setNonSecurePortEnabled(!isSecurePortEnabled);
         instance.setSecurePort(isSecurePortEnabled ? serverPort : 0);
@@ -105,7 +106,7 @@ public EurekaInstanceConfigBean eurekaInstanceConfigBean(InetUtils inetUtils,
 
         String externalUrl = getProperty("apiml.service.external-url");
         if (!StringUtils.hasText(externalUrl)) {
-            externalUrl = (isSecurePortEnabled ? "https" : "http") + "://" + hostname + ":" + serverPort;
+            externalUrl = (isSecurePortEnabled || attls ? "https" : "http") + "://" + hostname + ":" + serverPort;
         }
         instance.getMetadataMap().put(SERVICE_EXTERNAL_URL, externalUrl);
 

From a9a88ee349c79ea0c8628843c072ea124a88c05e Mon Sep 17 00:00:00 2001
From: Pavel Jares <Pavel.Jares@broadcom.com>
Date: Mon, 27 May 2024 15:52:58 +0200
Subject: [PATCH 2/3] fix

Signed-off-by: Pavel Jares <Pavel.Jares@broadcom.com>
---
 .../main/java/org/zowe/apiml/gateway/config/GatewayConfig.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java b/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java
index f73b1b3d32..d54d4f490e 100644
--- a/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java
+++ b/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java
@@ -87,7 +87,7 @@ public EurekaInstanceConfigBean eurekaInstanceConfigBean(InetUtils inetUtils,
             .parseInt(getEnabledPort(env));
 
         boolean isSecurePortEnabled = Boolean.parseBoolean(getProperty("server.ssl.enabled"));
-        boolean attls = Boolean.valueOf(getProperty("server.attls.enabled"));
+        boolean attls = Boolean.parseBoolean(getProperty("server.attls.enabled"));
         instance.setNonSecurePort(isSecurePortEnabled ? 0 : serverPort);
         instance.setNonSecurePortEnabled(!isSecurePortEnabled);
         instance.setSecurePort(isSecurePortEnabled ? serverPort : 0);

From 2c11ffd54ffc7bd044c54980da6487f4f0fbcdf2 Mon Sep 17 00:00:00 2001
From: achmelo <37397715+achmelo@users.noreply.github.com>
Date: Mon, 27 May 2024 16:16:39 +0200
Subject: [PATCH 3/3] chore: configure external protocol from zowe yaml (#3566)

* fix: allow key exchange port configuration (#3453)

* allow key exchange port configuration

Signed-off-by: achmelo <a.chmelo@gmail.com>

* explain different defaults for the port

Signed-off-by: achmelo <a.chmelo@gmail.com>

* use the same default port number

Signed-off-by: achmelo <a.chmelo@gmail.com>

---------

Signed-off-by: achmelo <a.chmelo@gmail.com>
(cherry picked from commit d82322ee37540695d20516b44d46ad9188adf5b0)

* configure external protocol from zowe yaml

Signed-off-by: achmelo <a.chmelo@gmail.com>

---------

Signed-off-by: achmelo <a.chmelo@gmail.com>
---
 gateway-package/src/main/resources/bin/start.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gateway-package/src/main/resources/bin/start.sh b/gateway-package/src/main/resources/bin/start.sh
index 1c97ba239a..99f324362c 100755
--- a/gateway-package/src/main/resources/bin/start.sh
+++ b/gateway-package/src/main/resources/bin/start.sh
@@ -31,6 +31,7 @@
 # - ZWE_configs_heap_init
 # - ZWE_configs_apiml_catalog_serviceId
 # - ZWE_configs_apiml_gateway_timeoutMillis
+# - ZWE_configs_apiml_gateway_externalProtocol
 # - ZWE_configs_apiml_security_auth_provider
 # - ZWE_configs_apiml_security_allowtokenrefresh
 # - ZWE_configs_apiml_security_auth_zosmf_jwtAutoconfiguration
@@ -254,7 +255,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${GATEWAY_CODE} java \
     -Dapiml.service.discoveryServiceUrls=${ZWE_DISCOVERY_SERVICES_LIST} \
     -Dapiml.service.allowEncodedSlashes=${ZWE_configs_apiml_service_allowEncodedSlashes:-true} \
     -Dapiml.service.corsEnabled=${ZWE_configs_apiml_service_corsEnabled:-false} \
-    -Dapiml.service.externalUrl="${externalProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \
+    -Dapiml.service.externalUrl="${ZWE_configs_apiml_gateway_externalProtocol:-${externalProtocol}}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \
     -Dapiml.service.apimlId=${ZWE_configs_apimlId:-} \
     -Dapiml.catalog.serviceId=${APIML_GATEWAY_CATALOG_ID:-apicatalog} \
     -Dapiml.cache.storage.location=${ZWE_zowe_workspaceDirectory}/api-mediation/${ZWE_haInstance_id:-localhost} \