Page Comparison

...

Excerpt

Open the <IOTS_HOME>/conf/carbon.xml file and configure the <HostName> and <MgtHostName> attributes with the {IoT_SERVER_HOSTNAME}.
Code Block
<HostName>{IoT_SERVER_IP/HOSTNAME}</HostName> <MgtHostName>{IoT_SERVER_IP/HOSTNAME}</MgtHostName>
Open the <IOTS_HOME>/conf/identity/sso-idp-config.xml file, and find and replace localhost with the <IoT_SERVER_IP/HOSTNAME >.
Open the <IOTS_HOME>/conf/api-manager.xml file and configure the <DASServerURL> attribute by replacing localhost with the IoT Server IP or hostname.
Code Block
<DASServerURL>{tcp://<IoT_SERVER_IP/HOSTNAME>t:7613}</DASServerURL>

Open the <IOTS_HOME>/conf/etc/webapp-publisher-config.xml file, and set true as the value for <EnabledUpdateApi>.

Code Block
<!-- If it is true, the APIs of this instance will be updated when the webapps are redeployed --> <EnabledUpdateApi>true</EnabledUpdateApi>

Info
If you have not started WSO2 IoT Server previously, you don't need this configuration. When the server starts for the first time it will update the APIs and web apps with the new server IP.

Note

Make sure to configure this property back to false if you need to restart the server again after the configuring the IP.

By enabling the update API property, the APIs and the respective web apps get updated when the server restarts. This takes some time. Therefore, if you need to restart the server many times after this configuration or when in a production environment, you need to revert back to the default setting.

Open the <IOT_HOME>/repository/deployment/server/jaggeryapps/api-store/site/conf/site.json file, and configure the identityProviderUrl attribute by replacing localhost with the IoT Server IP or hostname.
Code Block
"identityProviderURL" : "https://<IoT_SERVER_IP/HOSTNAME>:9443/samlsso",

Open the <IOT_HOME>/wso2/analytics/repository/deployment/server/jaggeryapps/portal/configs/designer.json file, and configure the identityProviderUrl, acs, and host attributes by replacing localhost with the IoT Server IP or hostname and the respective profiles port.

Code Block

"identityProviderURL": "https://<IoT_SERVER_IP/HOSTNAME>:9443/samlsso",
"acs": "https://<IoT_SERVER_IP/HOSTNAME>:9445/portal/acs",
"host":{"hostname":"<IoT_SERVER_IP/HOSTNAME>","port":"","protocol":""},

Info

The default port of the WSO2 IoT Server profiles are as follows:

WSO2 IoT Server core profile	9443
WSO2 IoT Server analytics profile	9445
WSO2 IoT Server broker profile	9446

Therefore, the analytics portal needs to be assigned the 9445 port.

Open the <IOTS_HOME>/bin/iot-server.sh file and configure the following properties by replacing localhost with the <IoT_SERVER_IP/HOSTNAME>. If you are running on Windows, you need to configure the iot-server.bat file.

Code Block

-Diot.analytics.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.manager.host="<IoT_SERVER_IP/HOSTNAME>" \
-Dmqtt.broker.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.core.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.keymanager.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.gateway.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.apimpublisher.host="<IoT_SERVER_IP/HOSTNAME>" \
-Diot.apimstore.host="<IoT_SERVER_IP/HOSTNAME>" \

Open the <IOTS_HOME>/wso2/analytics/bin/wso2.server.sh file and configure the following properties by replacing localhost with the <IoT_SERVER_IP/HOSTNAME>. If you are running on Windows, you need to configure the wso2server.bat file.
Code Block
-Dmqtt.broker.host="<IoT_SERVER_IP/HOSTNAME>" \ -Diot.keymanager.host="<IoT_SERVER_IP/HOSTNAME>" \ -Diot.gateway.host="<IoT_SERVER_IP/HOSTNAME>" \

Open the <IOTS_HOME>/wso2/broker/conf/broker.xml file and configure the following properties by replacing localhost with the <IoT_SERVER_IP/HOSTNAME>:

Code Block

<authenticator class="org.wso2.carbon.andes.authentication.andes.OAuth2BasedMQTTAuthenticator">
   <property name="hostURL">https://<IoT_SERVER_IP/HOSTNAME>:9443/services/OAuth2TokenValidationService</property>
   <property name="username">admin</property>
   <property name="password">admin</property>
   <property name="maxConnectionsPerHost">10</property>
   <property name="maxTotalConnections">150</property>
</authenticator>

<authorizer class="org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.DeviceAccessBasedMQTTAuthorizer">
   <property name="username">admin</property>
   <property name="password">admin</property>
   <property name="tokenEndpoint">https://<IoT_SERVER_IP/HOSTNAME>t:8243</property>
   <!--offset time from expiry time to trigger refresh call - seconds -->
   <property name="tokenRefreshTimeOffset">100</property>
   <property name="deviceMgtServerUrl">https://<IoT_SERVER_IP/HOSTNAME>t:8243</property>
</authorizer>

Optionally, if you are using the WSO2 Android auto-enrollment feature, you need to replace all the localhost references to the IP or hostname in the following files that are in the
<IOTS_HOME>/repository/deployment/server/synapse-configs/default/api directory.
- admin--Android-Mutual-SSL-Event-Receiver.xml
- admin--Android-Mutual-SSL-Device-Management.xml
- admin--Android-Mutual-SSL-Configuration-Management.xml
If you are using the hostname instead of the IP, open the <IOTS_HOME>/repository/deployment/server/jaggeryapps/devicemgt/app/conf/config.json file and configure the androidAgentDownloadURL property.
Code Block
"androidAgentDownloadURL": "https://%iot.manager.host%:%iot.manager.https.port%/android-web-agent/public/mdm.page.enrollments.android.download-agent/asset/android-agent.apk",

Run the following commands so that the self-signed certificate refers to the IP you just configured instead of localhost.

Info
This step is required if your devices are accessing WSO2 IoT Server from outside the server.

Warning
Because of the changes made to the keystore, you will not able to access the tenants that are already created in WSO2 IoT Server. Therefore, it is recommended to keep a backup of the tenants when changing the IP or hostname.

Navigate to the <IOTS_HOME>/repository/resources/security directory and run the following commands to create the client-truststore.jks and wso2carbon.jks files with the new IP or hostname.

Code Block

keytool -delete -alias wso2carbon -keystore wso2carbon.jks
  
keytool -genkey -alias wso2carbon -keyalg RSA -keysize 2048 -keystore wso2carbon.jks -dname "CN=<IOT_SERVER_IP/HOSTNAME>,
OU=Home,O=Home,L=SL,S=WS,C=LK" -storepass wso2carbon -keypass wso2carbon
 
keytool -delete -alias wso2carbon -keystore client-truststore.jks
 
keytool -export -alias wso2carbon -keystore wso2carbon.jks -file wso2carbon.pem
 
keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon

Update the Identity Provider (IDP) with the new certificate:
1. Export wso2carbon.pem certificate that is in the binary DER format to the ASCII PEM format.
  Code Block
  openssl x509 -inform dirDER -outform PEM -in wso2carbon.pem -out server.crt
2. Open the server.crt file you just generated and copy the content that is between the BEGIN CERTIFICATE and END CERTIFICATE.
  Note
  Make sure to remove the new lines that are there in the certificate. Else, the JWT validation fails.
3. Open the <IOTS_HOME>/conf/identity/identity-providers/iot_default.xml file and replace the content that is under the <Certificate> property with the content you just copied.
Copy the client-truststore.jks and wso2carbon.jks files that you created in step 13.a to the following locations.
Note
Make sure to only copy the files. Don't remove it from the <IOTS_HOME>/repository/resources/security directory.
- <IOTS_HOME>/wso2/broker/repository/resources/security
- <IOTS_HOME>/wso2/analytics/repository/resources/security

Once you are done with the above steps, restart or start the message broker, IoT Server core, and the analytics profiles in the given order. For more information, see Starting the Server.

Versions Compared

Old Version 1

New Version Current

Key