Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Change the port and the hostname ('is.dev.wso2.com' is taken as an example) in <IS_HOME>/repository/conf/carbon.xml. (Make sure the management hostname is also the same)

    Code Block
    languagexml
    <HostName>is.dev.wso2.com</HostName>
<MgtHostName>is.dev.wso2.com</MgtHostName>

  2. All keystores in WSO2 IS are stored in the <IS_HOME>/repository/resources/security folder. Navigate to the security folder on the command prompt and use the following command to create a new keystore with CN=is.dev.wso2.com

    Code Block
    titleFormat
    keytool -genkey -alias <alias_name> -keyalg RSA -keysize 2048 -keystore <keystore_name>.jks -dname "CN=<hostname>, OU=<organizational_unit>,O=<organization>,L=<Locality>,S=<State/province>,C=<country_code>" -storepass <keystore_password> -keypass <confirm_keystore_password>

    Replace the values enclosed in <> in the command given above with a value you prefer as shown in the sample command below. 

    Code Block
    titleSample keytool command
    keytool -genkey -alias newcert -keyalg RSA -keysize 2048 -keystore newkeystore.jks -dname "CN=is.dev.wso2.com, OU=Is,O=Wso2,L=SL,S=WS,C=LK" -storepass mypassword -keypass mypassword

  3. If the keystore name and password are changed, all the references to it within the configuration files must be updated as well. Run a grep command from the <IS_HOME> directory to find all the places within the WSO2 IS configuration files where the keystore name and password have been used.

    Code Block
    grep -i -r wso2carbon.jks .

  4. A list of configuration files that refer to "wso2carbon.jks" will be listed on your command prompt window. Open each file and update the keystore name, password, and alias values (e.g., update the keystore name from "wso2carbon.jks" to  "newkeystore.jks"). 

  5. Export the public key from your key store .jks file using the following command:

    Code Block
    titleFormat
    keytool -export -alias <alias_name> -keystore <keystore_name>.jks -file <public_key_name>.pem

    Replace the values enclosed in <> in the command given above with a value you prefer as shown in the sample command below. 

    Code Block
    titleSample keytool command
    keytool -export -alias newcert -keystore newkeystore.jks -file pkn.pem

  6. Import the public key you extracted in the previous step to the client-truststore.jks file using the following command:


    Code Block
    titleFormat
    keytool -import -alias <alias_name> -file <public_key_name>.pem -keystore client-truststore.jks -storepass <keystore_password>

    Replace the values enclosed in <> in the command given above with a value you prefer as shown in the sample command below. 

    Code Block
    titleSample keytool command
    keytool -import -alias newcert -file pkn.pem -keystore client-truststore.jks -storepass wso2carbon
    Note

    If you create a new client-truststore, do a search using the grep command and change the name and passwords of the client-truststore in all the places in IS.

  7. Verfiy the hostname change by attempting to log into the dashboard, getting a token from any grant type, etc.

  8. If you are trying this out on your local machine, open the etc/hosts/ file and add the following entry to map the new hostname. "is.dev.wso2.com" is used as an example in the sample entry shown below. 

    Code Block
    127.0.0.1       is.dev.wso2.com

...