This documentation is for WSO2 IoT Server 3.0.0. View the documentation for the latest release.
Due to a known issue do not use JDK1.8.0_151 with WSO2 products. Use JDK 1.8.0_144 until JDK 1.8.0_162-ea is released.
Page Comparison - Configuring WSO2 IoT Server with the IP or Hostname (v.42 vs v.43) - IoT Server 3.0.0 - WSO2 Documentation
IoT Server 3.0.0
Expand all   Collapse all

Versions Compared

Old Version 42

changes.mady.by.user Yvonne Wickramasinghe

Saved on

compared with

New Version 43

changes.mady.by.user Yvonne Wickramasinghe

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt

  1. Replace the default certificate with a new self-signed certificate, and import it to the client-truststore.jks by following the steps below:

    1. Navigate to <IoT_HOME>/core/repository/resources/security via command prompt.

    2. Delete the existing wso2carbon.jks file.

      Code Block
      keytool -delete -alias wso2carbon -keystore wso2carbon.jks

    3. Create a new wso2carbon.jks file.

      Code Block
      keytool -genkey -alias wso2carbon -keyalg RSA -keysize 2048 -keystore wso2carbon.jks

    4. Setup the hostname by configuring the certificate attributes on the wso2carbon.jks file.

      Info
      titleCertificate Attributes

      CN: Common Name, OU: Organizational Unit, O: Organization, L: Locality, S: State or Province Name, and C: Country Name.

      Example:

      Code Block
      -dname "CN=wsstjo10,OU=Home,O=Home,L=SL,S=WS,C=LK" -storepass wso2carbon -keypass wso2carbon

    5. Replace the public key with the -alias wso2carbon available in the client-trustore.jks with the public key in the newly generated certificate.

      Code Block
      keytool -delete -alias wso2carbon -keystore client-truststore.jks
keytool -export -alias wso2carbon -keystore wso2carbon.jks -file wso2carbon.pem
keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon
    6. asdfasdfas

  2. Open the <IoT_HOME>/conf/carbon.xml file 

    1. If you configuring WSO2 IoT Server with the IP, comment out the <HostName> and <MgtHostName> attributes.

      Code Block
      <!--<HostName>localhost</HostName>-->
<!--<MgtHostName>localhost</MgtHostName>-->


        1. If you are configuring WSO2 IoT Server with the hostname, define the hostname as the value for the <HostName>and <MgtHostName> attributes.

          Code Block
          <HostName>{ENTER_THE_HOSTNAME}</HostName>
<MgtHostName>{ENTER_THE_HOSTNAME}</MgtHostName>

      2. Open the <IOTS_HOME>/core/bin/wso2server.sh file and configure the following properties by replacing localhost with the  <IoT_SERVER_IP/HOSTNAME>.

        Code Block
        -Diot.core.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.keymanager.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.gateway.host="<IoT_SERVER_IP/HOSTNAME>" \
      3. Open the <IOTS_HOME>/core/repository/conf/identity/sso-idp-config.xml file, and find and replace localhost withthe <IoT_SERVER_IP/HOSTNAME>.

      4. Open the <IOTS_HOME>/core/repository/conf/app-manager.xml  file, and configure the <IdentityProviderUrl> attribute that is under <SSOConfiguration> byreplacing localhost with the IoT Server IP.

        Code Block
        <!-- URL of the IDP use for SSO -->
<IdentityProviderUrl>https://<IoT_SERVER_IP/HOSTNAME>:${mgt.transport.https.port}/samlsso</IdentityProviderUrl>

      5. Open the <IOTS_HOME>/core/repository/conf/etc/webapp-publisher-config.xml file, and set true as the value for <EnabledUpdateApi>.

        Code Block
        <!-- If it is true, the APIs of this instance will be updated when the webapps are redeployed -->
<EnabledUpdateApi>true</EnabledUpdateApi>
        Info

        If you have not started WSO2 IoT Server previously, you don't need this configuration. When the server starts for the first time it will update the APIs and web apps with the new server IP.

        Note

        Make sure to configure this property back to false if you need to restart the server again after the configuring the IP.

        By enabling the update API property you will be updating the APIs and the respective web apps with the server IP when the server restarts. This takes some time, therefore, if you need to restart the server many times after this configuration or when in a production environment, you need to revert back to the default setting.

      6. Open the <IOTS_HOME>/core /repository/deployment/server/jaggeryapps/devicemgt/app/conf/app-conf.json file, and configure the following attributes:

      7. identityProviderUrl: Replace %iot.keymanager.host%:%iot.keymanager.https.port% with the IoT Server IP or hostname and port, which is 9443.

        Code Block
        "identityProviderUrl" : "https://<IoT_SERVER_IP/HOSTNAME>:9443/samlsso",

      8. acs: Replace %iot.keymanager.host%:%iot.keymanager.https.port% with the IoT Server IP or hostname and port, which is 9443.

        Code Block
        "acs": "https://<IoT_SERVER_IP/HOSTNAME>:9443/devicemgt/uuf/sso/acs",

    2. Open the <IOTS_HOME>/core/repository/deployment/server/jaggeryapps/api-store/site/conf/site.json file, and configure the identityProviderUrl attribute by replacing localhost with the IoT Server IP or hostname.

      Code Block
      "identityProviderURL" : "https://<IoT_SERVER_IP/HOSTNAME>:9443/samlsso",

    3. Open the <IOTS_HOME>/analytics/repository/deployment/server/jaggeryapps/portal/configs/designer.json file, and configure the identityProviderUrl,acs and host attributes by replacing localhost with the IoT Server IP or hostname and the respective profiles port.

      Code Block
      "identityProviderURL": "https://<IoT_SERVER_IP>:9443/samlsso",
"acs": "https://<IoT_SERVER_IP/HOSTNAME>:9445/portal/acs",
"host":{"hostname":"<IoT_SERVER_IP/HOSTNAME>","port":"","protocol":""},
      Info

      The default port of the WSO2 IoT Server profiles are as follows:

      WSO2 IoT Server core profile9443
      WSO2 IoT Server analytics profile9445
      WSO2 IoT Server broker profile9446

      Therefore, the analytics portal needs to be assigned the 9445 port.

    4. Run the following commands so that the self-signed certificate refers to the IP you just configured instead of localhost.

      Info

      This step is required if your devices are accessing WSO2 IoT Server from outside the server.

    5. Navigate to the <IOTS_HOME>/core/repository/resources/security directory and run the following commands to create the client-truststore.jks and wso2carbon.jks files with the new IP or hostname.

      Code Block
      keytool -delete -alias wso2carbon -keystore wso2carbon.jks
 
keytool -genkey -alias wso2carbon -keyalg RSA -keysize 2048 -keystore wso2carbon.jks -dname "CN=<IOT_SERVER_IP/HOSTNAME>,
OU=Home,O=Home,L=SL,S=WS,C=LK" -storepass wso2carbon -keypass wso2carbon

keytool -delete -alias wso2carbon -keystore client-truststore.jks

keytool -export -alias wso2carbon -keystore wso2carbon.jks -file wso2carbon.pem

keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon

  3. Copy the  client-truststore.jks  and  wso2carbon.jks  files that you just created to the following locations:

    1. Broker - <Iot_HOME>/broker/repository/resources/security/

    2. Core - <Iot_HOME>/analytics/repository/resources/security/

  4. If you are using the hostname instead of the IP, open the <IOTS_HOME>/core/repository/deployment/server/jaggeryapps/devicemgt/app/conf/config.json file and configure the host property.


    Code Block
    "host" : "<ENTER_THE_HOSTNAME>"

  5. Once you are done with the above steps, restart or start the message broker, IoT Server core, and the analytics profiles in the given order. For more information, see Starting the Server.