Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Follow the instructions below to deploy Identity Server in production.

Info
titleNote

The following changes should be applied on a fresh Identity Server instance. Do not start the Identity Server until the configurations are finalized.

...

Step 1. Changing the default key store

1. Open the wso2is-3.2.3<IS_HOME>/repository/conf/carbon.xml file.

...

Info
titleNote

The private key must be available in a key store keystore of the "JKS" or "PKCS12" type. More information on key stores can be foundĀ here.

Code Block
<!--
      Security configurations
     -->
    <Security>
        <!--
            KeyStore which will be used for encrypting/decrypting passwords
            and other sensitive information.
        -->
        <KeyStore>
            <!-- Keystore file location-->
            <Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
            <!-- Keystore type (JKS/PKCS12 etc.)-->
            <Type>JKS</Type>
            <!-- Keystore password-->
            <Password>wso2carbon</Password>
            <!-- Private Key alias-->
            <KeyAlias>wso2carbon</KeyAlias>
            <!-- Private Key password-->
            <KeyPassword>wso2carbon</KeyPassword>
        </KeyStore>

        <!--
           The directory under which all other KeyStore files will be stored
        -->
        <KeyStoresDir>${carbon.home}/repository/resources/security</KeyStoresDir>
    </Security>

Step 2. Changing the host name

1. Open the wso2is-3.2.3<IS_HOME>/repository/conf/carbon.xml file.

...

Step 3. Changing the HTTP/HTTPS ports

1. Open the wso2is-3.2.3<IS_HOME>/repository/conf/tomcat/mgtcatalina-transportsserver.xml file .2. Change and change the HTTP and HTTPS port by changing the following configuration ports in the <connector> elements. For example,

<transport name="http" class
Code Block
languagehtml/xml
 <Connector  protocol="org.wso2apache.carboncoyote.server.transports.http.HttpTransport">http11.Http11NioProtocol"
              <parameter nameport="port">9763</parameter>9763"
            </transport>   ...
/>

<transport<Connector name="https" classprotocol="org.wso2apache.carboncoyote.server.transports.http.HttpsTransport">http11.Http11NioProtocol"
               port="9443
              <parameter namescheme="port">9443</parameter>https"
               ...
</transport>>

Step 4. Changing the OpenID Provider configurations

1. Open the wso2is-3.2.3<IS_HOME>/repository/conf/identity.xml file.

...