com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_link3' is unknown.

Configuring the Key Manager Node

Owned by Former user (Deleted)
Jun 26, 2017
4 min read

Through out this guide you have configured keymgt.iots310.wso2.com as the key manager node.

Before you begin

  • Mount the registry as explained here.
  • Configure the following databases for the Key Manager in the <IOTS_HOME>/conf/datasources/master-datasources.xml file.
    For more information, see Setting Up the Databases for Clustering.
    • Registry Database
    • User manager database
    • APIM Database

Let's start configuring the Key Manager node.

  1. Configure the HostName and MgtHostName properties in the <IOTS_HOME>/conf/carbon.xml file as shown below.

    <HostName>keymgt.iots310.wso2.com</HostName>
<MgtHostName>keymgt.iots310.wso2.com</MgtHostName>

    Make sure to have the Offset property configured to zero. If it is set to a value other than zero, you need to update the NGINX configuration based on the port offset.

  2. Configure the <IOTS_HOME>/bin/iot-server.sh file as shown below:

     -Diot.keymanager.host="keymgt.iots310.wso2.com" \
 -Diot.keymanager.https.port="443" \

  3. Configure all the following properties in the <IOTS_HOME>/conf/identity/sso-idp-config.xml file by replacing https://localhost:9443 with https://mgt.iots310.wso2.com:443.

    • AssertionConsumerServiceURL

    • DefaultAssertionConsumerServiceURL

     Click here to view a configured file.
    <SSOIdentityProviderConfig>
   <TenantRegistrationPage>https://stratos-local.wso2.com/carbon/tenant-register/select_domain.jsp</TenantRegistrationPage>
   <ServiceProviders>
      <ServiceProvider>
         <Issuer>devicemgt</Issuer>
         <AssertionConsumerServiceURLs>
            <AssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/devicemgt/uuf/sso/acs</AssertionConsumerServiceURL>
         </AssertionConsumerServiceURLs>
         <DefaultAssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/devicemgt/uuf/sso/acs</DefaultAssertionConsumerServiceURL>
         <SignAssertion>true</SignAssertion>
         <SignResponse>true</SignResponse>
         <EnableAttributeProfile>false</EnableAttributeProfile>
         <IncludeAttributeByDefault>false</IncludeAttributeByDefault>
         <Claims>
            <Claim>http://wso2.org/claims/role</Claim>
            <Claim>http://wso2.org/claims/emailaddress</Claim>
         </Claims>
         <EnableAudienceRestriction>true</EnableAudienceRestriction>
         <EnableRecipients>true</EnableRecipients>
         <AudiencesList>
            <Audience>https://localhost:9443/oauth2/token</Audience>
         </AudiencesList>
         <RecipientList>
            <Recipient>https://localhost:9443/oauth2/token</Recipient>
         </RecipientList>
      </ServiceProvider>
      <ServiceProvider>
         <Issuer>store</Issuer>
         <AssertionConsumerServiceURLs>
            <AssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/store/acs</AssertionConsumerServiceURL>
         </AssertionConsumerServiceURLs>
         <DefaultAssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/store/acs</DefaultAssertionConsumerServiceURL>
         <SignResponse>true</SignResponse>
         <CustomLoginPage>/store/login.jag</CustomLoginPage>
      </ServiceProvider>
      <ServiceProvider>
         <Issuer>social</Issuer>
         <AssertionConsumerServiceURLs>
            <AssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/social/acs</AssertionConsumerServiceURL>
         </AssertionConsumerServiceURLs>
         <DefaultAssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/social/acs</DefaultAssertionConsumerServiceURL>
         <SignResponse>true</SignResponse>
         <CustomLoginPage>/social/login</CustomLoginPage>
      </ServiceProvider>
      <ServiceProvider>
         <Issuer>publisher</Issuer>
         <AssertionConsumerServiceURLs>
            <AssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/publisher/acs</AssertionConsumerServiceURL>
         </AssertionConsumerServiceURLs>
         <DefaultAssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/publisher/acs</DefaultAssertionConsumerServiceURL>
         <SignResponse>true</SignResponse>
         <CustomLoginPage>/publisher/controllers/login.jag</CustomLoginPage>
         <EnableAudienceRestriction>true</EnableAudienceRestriction>
         <AudiencesList>
            <Audience>carbonServer</Audience>
         </AudiencesList>
      </ServiceProvider>
      <ServiceProvider>
         <Issuer>API_STORE</Issuer>
         <AssertionConsumerServiceURLs>
            <AssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/api-store/jagg/jaggery_acs.jag</AssertionConsumerServiceURL>
         </AssertionConsumerServiceURLs>
         <DefaultAssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/api-store/jagg/jaggery_acs.jag</DefaultAssertionConsumerServiceURL>
         <SignResponse>true</SignResponse>
         <EnableAudienceRestriction>true</EnableAudienceRestriction>
         <AudiencesList>
            <Audience>carbonServer</Audience>
         </AudiencesList>
      </ServiceProvider>
      <ServiceProvider>
         <Issuer>portal</Issuer>
         <AssertionConsumerServiceURLs>
            <AssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/portal/acs</AssertionConsumerServiceURL>
         </AssertionConsumerServiceURLs>
         <DefaultAssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/portal/acs</DefaultAssertionConsumerServiceURL>
         <SignResponse>true</SignResponse>
         <EnableAudienceRestriction>true</EnableAudienceRestriction>
         <EnableRecipients>true</EnableRecipients>
         <AudiencesList>
            <Audience>https://localhost:9443/oauth2/token</Audience>
         </AudiencesList>
         <RecipientList>
            <Recipient>https://localhost:9443/oauth2/token</Recipient>
         </RecipientList>
      </ServiceProvider>
      <ServiceProvider>
         <Issuer>analyticsportal</Issuer>
         <AssertionConsumerServiceURLs>
            <AssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/portal/acs</AssertionConsumerServiceURL>
         </AssertionConsumerServiceURLs>
         <DefaultAssertionConsumerServiceURL>https://mgt.iots310.wso2.com:443/portal/acs</DefaultAssertionConsumerServiceURL>
         <SignResponse>true</SignResponse>
         <EnableAudienceRestriction>true</EnableAudienceRestriction>
         <EnableRecipients>true</EnableRecipients>
         <AudiencesList>
            <Audience>https://localhost:9443/oauth2/token</Audience>
         </AudiencesList>
         <RecipientList>
            <Recipient>https://localhost:9443/oauth2/token</Recipient>
         </RecipientList>
      </ServiceProvider>
   </ServiceProviders>
</SSOIdentityProviderConfig>

  4. Start the WSO2 IoT Server's core profile.

    cd <IOTS_HOME>/bin
iot-server.sh

What's next?

Next, let's configure the manager node.

com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links2' is unknown.