com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_link3' is unknown.

Using NGINX as the Proxy Server

A preferred server can be used as a proxy server between the device and the WSO2 IoT server. The steps documented below is only an example of configuring the proxy server using NGINX, which is a known reverse proxy server. 

Follow the steps given below to configure the proxy Server:

  1. Install NGINX on your production environment.
    Example:
     

  2. Get an SSL certificate. Make sure that the common name of the certificate you are getting matches the constructed URI.

    The WSO2 IoTS client sends requests to the WSO2 IoTS server through a Proxy Server. The Windows WSO2 IoTS protocol constructs a URI that uses the host name by appending the domain of the email address to the subdomain, enterpriseenrollment for the each device request. Therefore, you can either purchase a domain name or create a DNS entry in the http://enterpriseenrollment.<EMAIL_DOMAIN> format.

  3. Navigate to the /usr/local/etc/nginx directory, create a folder named ssl, and add the CA certificate and the private key to this folder.
  4. Configure the /usr/local/etc/nginx/nginx.conf file with the details of the SSL certificate and the Windows endpoints as explained below. 

     Click here to view a configured nginx.conf file.
    server {
            listen 443;
            server_name enterpriseenrollment.dilan.me;
            ssl on;
            ssl_certificate /usr/local/etc/nginx/ssl/certificate.crt;
            ssl_certificate_key /usr/local/etc/nginx/ssl/private.key;
            
            location /EnrollmentServer/Discovery.svc {
                   if ($request_method = GET) {
                   return 200;
            }
    
                   proxy_set_header X-Forwarded-Host $host:$server_port;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_pass http://<IP>:<GATEWAY_PORT>/api/device-mgt/windows/v1.0/discovery/post;              
     
                   proxy_http_version 1.1;
            }
            location /ENROLLMENTSERVER/PolicyEnrollmentWebservice.svc {
               
                   proxy_set_header X-Forwarded-Host $host:$server_port;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_pass http://<IP>:<GATEWAY_PORT>/api/device-mgt/windows/v1.0/certificatepolicy/xcep/1.0.0;
     
                   proxy_http_version 1.1;
            }
            location /windows-web-agent {
                   proxy_set_header X-Forwarded-Host $host:$server_port;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_pass http://<IP>:9763/windows-web-agent;
                   
     
                   proxy_http_version 1.1;
            }
            location /ENROLLMENTSERVER/DeviceEnrollmentWebservice.svc {
                   proxy_set_header X-Forwarded-Host $host:$server_port;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_pass http://<IP>:<GATEWAY_PORT>/api/device-mgt/windows/v1.0/deviceenrolment/wstep/;
     
                   proxy_http_version 1.1;
            }
    
            location /ENROLLMENTSERVER/Win10DeviceEnrollmentWebservice.svc {
                   proxy_set_header X-Forwarded-Host $host:$server_port;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_pass http://<IP>:<GATEWAY_PORT>/api/device-mgt/windows/v1.0/deviceenrolment/enrollment;
     
                   proxy_http_version 1.1;
            }
            location /Syncml/initialquery {
                   proxy_set_header X-Forwarded-Host $host:$server_port;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_pass http://<IP>:<GATEWAY_PORT>/api/device-mgt/windows/v1.0/syncml/devicemanagement/1.0.0/request/;
     
                   proxy_http_version 1.1;
            }
            location /devicemgt {
                   proxy_set_header X-Forwarded-Host $host:$server_port;
                   proxy_set_header X-Forwarded-Server $host;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_pass http://<IP>:<GATEWAY_PORT>/api/device-mgt/windows/v1.0/management/devicemgt/1.0.0/pending-operations/;
     
                   proxy_http_version 1.1;
            }
        }
        include servers/*;
    }
    1. Configure the SSL certificate details.

      server {
              listen 443;
              server_name enterpriseenrollment.wso2.com;
              ssl on;
              ssl_certificate /usr/local/etc/nginx/ssl/star_wso2_com.crt;
              ssl_certificate_key /usr/local/etc/nginx/ssl/enterpriseenrollment_wso2_com.key;

      You need to configure the following properties:

      PropertyDescriptionExample

      server_name

      Define the common name of the certificate.

      enterpriseenrollment.wso2.com

      ssl_certificate

      Define where you saved the SSL certificate.

      /usr/local/etc/nginx/ssl/wso2_com_SSL.crt

      ssl_certificate_key
      Define where you saved the private key of the certificate.

      /usr/local/etc/nginx/ssl/enterpriseenrollment_wso2_com.key

    2. Configure the Windows endpoints.

       Click here to know more on the required Windows endpoints.
       Click here to see a sample Windows endpoint configuration.

      Example:

      location /ENROLLMENTSERVER/PolicyEnrollmentWebservice.svc {  
          proxy_set_header X-Forwarded-Host $host:$server_port;
          proxy_set_header X-Forwarded-Server $host;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      
          proxy_pass http://10.10.10.10:8280/api/device-mgt/windows/v1.0/certificatepolicy/xcep;
      
          proxy_http_version 1.1;
      }
      PropertyDescription
      locationThis property specifies the "/" prefix that needs to be compared with the URI sent from the request. For more information, see the NGINX documentation.

      proxy_set_header

      Required to configure Windows for reverse proxy.
      proxy_passDefine the respective Windows endpoint.
com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links2' is unknown.