
How do I put WSO2 Identity Server on my site? Remove localhost and make it public


I want to make my identity server public so that all users who visit it can access the identity server but right now only I can access it since it's hosted locally. How can I deploy this so that it runs on my IIS? Will copying and pasting the WSO2 IS folder into my inetpub\wwwroot folder work? (And after configuring the .xml files so that it shares my public domain)

I tried reading the WSO2 IS documentation but it's not very clear to me how I can make it public. I was hoping for a systematic tutorial/way to do this but it chains from one step to multiple.

https://docs.wso2.com/display/IS530/Deployment+Guidelines+in+Production

https://docs.wso2.com/display/IS550/Changing+the+hostname


Solution

  • I believe there are a few misconceptions (no, copying the installation into inetpub\wwwroot won't work, it's not php)

    chains from one step to multiple

    well - the documentation is related only to a product, it assumes some knowledge of the network and systems it runs on

    1 - you should run the WSO2IS as a service (so this Windows guide may be helpful, and this here is how to run the WSO2IS as a service for Linux)

    2 - change the repository/conf/carbon.xml

    (this step is optional, but increases security)

    HostName - to the public hostname

    MgtHostName - to internal hostname, so the administrative console is not accessible from internet

    3 - The best practice to expose the WSO2IS would be a reverse proxy (depending on whether you are using IIS, nginx or httpd) so you don't expose the default port 9443 to the outside directly (I assume you want to use your own SSL certificate on 443 and TLS termination in the web server)

    For the default WSO2IS applications you need to create a reverse proxy from `HTTPS:443 -> HTTP:9763`

    update /repository/conf/tomcat/catalina-server.xml and on the Connector listening on 9763 add attribute proxyPort="443"

    (Note: now I am not sure if it will work, what will work for sure is TLS bridging HTTPS:443->HTTPS:9443, it means adding proxyPort="443" to the Connector for port 9443)
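
A way to check that steps 2 and 3 were actually applied before exposing the server, as an added example that is not part of the original answer: it parses `carbon.xml` and `catalina-server.xml` and reports what is still at its default. The embedded XML is constructed and trimmed to the elements the answer names, the hostnames are placeholders, and the check targets the TLS-bridging variant (Connector 9443) by default.

```python
import xml.etree.ElementTree as ET

# Constructed samples, trimmed to the elements the answer mentions.
# id.example.com / mgt.internal.example are placeholder hostnames.
CARBON_XML = """<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
  <HostName>id.example.com</HostName>
  <MgtHostName>mgt.internal.example</MgtHostName>
</Server>"""

CATALINA_XML = """<Server>
  <Service name="Catalina">
    <Connector port="9763" protocol="org.apache.coyote.http11.Http11NioProtocol"/>
    <Connector port="9443" scheme="https" secure="true" SSLEnabled="true"
               proxyPort="443"/>
  </Service>
</Server>"""

def local(tag):
    """Strip an XML namespace so carbon.xml elements match by plain name."""
    return tag.rsplit("}", 1)[-1]

def audit(carbon_xml, catalina_xml, proxied_port="9443", public_port="443"):
    """Return a list of findings; an empty list means the steps were applied."""
    findings = []
    values = {local(e.tag): (e.text or "").strip()
              for e in ET.fromstring(carbon_xml).iter()}
    host, mgt = values.get("HostName", ""), values.get("MgtHostName", "")
    if host in ("", "localhost", "127.0.0.1"):
        findings.append("HostName is not set to the public hostname")
    if mgt in ("", host):
        findings.append("MgtHostName is unset or equals HostName "
                        "(optional hardening step not applied)")
    connectors = {c.get("port"): c
                  for c in ET.fromstring(catalina_xml).iter("Connector")}
    conn = connectors.get(proxied_port)
    if conn is None:
        findings.append(f"no Connector listens on {proxied_port}")
    elif conn.get("proxyPort") != public_port:
        findings.append(f'Connector {proxied_port} lacks proxyPort="{public_port}"')
    return findings

if __name__ == "__main__":
    for line in audit(CARBON_XML, CATALINA_XML) or ["configuration matches the steps"]:
        print(line)
```

To check the plain-HTTP variant from step 3 instead, call `audit(..., proxied_port="9763")` with the contents of the real files.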