Versions Compared

Old Version 6

changes.mady.by.user Former user

Saved on

compared with

New Version 7

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Throughout this guide, you have configured mgt.iots310.wso2.com as the manager node.

Tip
titleBefore you begin
  • Mount the registry as explained here.
  • Configure the following databases for the Key Manager in the <IOTS_HOME>/conf/datasources/master-datasources.xml file.
    For more information, see Setting Up the Databases for Clustering.
    • Registry database
    • User manager database
    • APIM database
    • App manager database and include the social and storage database schemas to the same database.
    • CDM database and include the certificate management, android, iOS and windows database schemas to the same database.

...

  1. Configure the HostName and  MgtHostName properties in the <IOTS_HOME>/conf/carbon.xml file as shown below.

    Code Block
    <HostName>iots310.wso2.com</HostName>
<MgtHostName>mgt.iots310.wso2.com</MgtHostName>
    Note

    Make sure to have the Offset property configured to zero. If it is set to a value other than zero, you need to update the NGINX configuration based on the port offset.

  2. Configure the <IOTS_HOME>/bin/iotserver.sh file as shown below:

    Code Block
    -Diot.manager.host="mgt.iots310.wso2.com" \
-Diot.manager.https.port="443" \
-Diot.core.host="iots310.wso2.com" \
-Diot.core.https.port="443" \
-Diot.keymanager.host="keymgt.iots310.wso2.com" \
-Diot.keymanager.https.port="443" \
-Diot.gateway.host="gateway.iots310.wso2.com" \
-Diot.gateway.https.port="443" \
-Diot.gateway.http.port="80" \
-Diot.gateway.carbon.https.port="443" \
-Diot.gateway.carbon.http.port="80" \
-Diot.apimpublisher.host="gateway.iots310.wso2.com" \
-Diot.apimpublisher.https.port="443" \
-Diot.apimstore.host="gateway.iots310.wso2.com" \
-Diot.apimstore.https.port="443" \

  3. The publisher and store of the app manager run on manager node. Configuring the app manager:

    1. Configure the following properties in the <IOTS_HOME>/repository/deployment/server/jaggeryapps/store/config/store.json file for SSO by replacing https://localhost:9443 with https://keymgt.iots310.wso2.com.

      • identityProviderURL

      • storeAcs
      Code Block
      "ssoConfiguration":{
      "enabled":true,
      "issuer":"store",
      "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
      "keyStorePassword":"wso2carbon",
      "identityAlias":"wso2carbon",
      "responseSigningEnabled":"true",
      "storeAcs":"https://mgt.iots310.wso2.com/store/acs",
      "keyStoreName":"/repository/resources/security/wso2carbon.jks",
      "validateAssertionValidityPeriod":true,
      "validateAudienceRestriction":true,
      "assertionSigningEnabled":true
},

    2. Configure the following properties in the <IOTS_HOME>/repository/deployment/server/jaggeryapps/publisher/config/publisher.json file for SSO by replacing https://localhost:9443 with https://keymgt.iots310.wso2.com.

      • identityProviderURL

      • publishereAcs
      Code Block
      "ssoConfiguration":{
      "enabled":true,
      "issuer":"publisher",
      "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
      "keyStorePassword":"wso2carbon",
      "identityAlias":"wso2carbon",
      "responseSigningEnabled":"true",
      "publisherAcs":"https://mgt.iots310.wso2.com/publisher/sso",
      "keyStoreName":"/repository/resources/security/wso2carbon.jks",
      "validateAssertionValidityPeriod":true,
      "validateAudienceRestriction":true,
      "assertionSigningEnabled":true
 }

    3. Configure the AppDownloadURLHost property in the <IOTS_HOME>/conf/app-manager.xml to point to http://mgt.iots310.wso2.com.

      Code Block
      <Config name="AppDownloadURLHost">http://mgt.iots310.wso2.com</Config>

  4. Configure the following properties in the <IOTS_HOME>/repository/deployment/server/jaggeryapps/api-store/site/conf/site.json file for SSO by replacing https://localhost:9443 with https://keymgt.iots310.wso2.com.

    Code Block
    "ssoConfiguration":{
      "enabled":"true",
      "issuer":"API_STORE",
      "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
      "keyStorePassword":"",
      "identityAlias":"",
      "responseSigningEnabled":"true",
      "assertionSigningEnabled":"true",
      "keyStoreName":"",
      "passive":"false",
      "signRequests":"true",
      "assertionEncryptionEnabled":"false"
},

  5. Configure the <IOTS_HOME>/repository/deployment/server/jaggeryapps/android-web-agent/app/conf/config.json file to update the Android agent download URL.

    Code Block
    "generalConfig":{
      "host":"https://mgt.iots310.wso2.com",
      "companyName":"WSO2 IoT Server",
      "browserTitle":"WSO2 IoT Server",
      "copyrightText":"\u00A9 %date-year%, WSO2 Inc. (http://www.wso2.org) All Rights Reserved."
},
  6. Configure the <IOTS_HOME>/repository/deployment/server/jaggeryapps/devicemgt/app/conf/config.json file to update the URL of the QR code, which will be used to enroll a device by scanning the QR code.
    Code Block
    "generalConfig":{
      "host":"https://mgt.iots310.wso2.com",
      "companyName":"WSO2 Carbon Device Manager",
      "browserTitle":"WSO2 Device Manager",
      "copyrightPrefix":"\u00A9 %date-year%, ",
      "copyrightOwner":"WSO2 Inc.",
      "copyrightOwnersSite":"http://www.wso2.org",
      "copyrightSuffix":" All Rights Reserved."
},
  7. Start the core profile of WSO2 IoT Server.


    Code Block
    cd <IOTS_HOME>/bin
./iot-server.sh

...