Skip to main content
Nintex Community Menu Bar

I'm trying to configure k2 Five server to be accessible publically over internet. while installing K2, setup will default all urls for accessing k2 to https://PhysicalHostName/xxx. This is useful if you want to use k2 within your local network ONLY.

Let us say I want to make it accessible over the internet, through https://k2.MyPublicDomain.com, so I prepare the following:

  1. I create the sub domain k2 under my public domain hosting and route it to the physical K2 server.
  2. I install ssl Certificate on IIS and modify the binding to use it.
  3. I allow all required traffic through firewall and security devices.

Now, if I open https://k2.MyPublicDomain.com from any browser, it reach the internal k2 server (showing Secure SSL page), start the warming up of k2 page, and then it will try to authenticate the user by doing an unfortunate static redirection to https://PhysicalHostName/Identity/sts/...  instead of a relative one. This will definitly lead to inaccessible page, because your Physical host server is not accessible from outside through its real name..

 

I tried to go through all available documentations, but unfortunately, I could not reach the solution. I tried to change any presence of PhysicalHostName in the K2 Management settings, even by manually changing the web.config files, but I never reached a proper solution.

I appreciate if anyone can support and at least to hint on any documentation.

Hi Omar, 


 


Did you manage to have a look at the following document from our website as well:


 


https://help.k2.com/onlinehelp/k2blackpearl/icg/4.7/default.htm#Prepare/SCC/DNSHostRecords.htm


 


Also do you see does the URL have any underscores within it ? 


 


Kind regards, 


 


Percy


 


 


Hello Omar,

 

By looking at the issue, I would suggest you to take a look at the Claim issuer mappings value. The redirection URL is taking you to the Windows STS identity for the user authentication.  Since during the intial installation you have configured your K2 environment with internal DNS name or with the internal IP address, the Identity URL is also mapped with those internal DNS names.

 

Thus as part of configuring your K2 environment to be public DNS name also needs these URLs update. Please follow below steps to update claim issuer IDENTITY URL;

 

1. Go to K2 Management.

2. Navigate to Authentication. Under authentication you will find Claims.

3. Expand claims, you will find Issuers.

 

        

 

Hope it helps!

 

Cheers,

Prajwal Shambhu

 


Hi,


If I understand this corrreclty, it sounds like you want to expose K2 forms with external users. Maybe, it just needs to setup annoymous form access.


https://help.k2.com/onlinehelp/k2five/userguide/5.1/default.htm#Create/Views/AnonymousViews.htm?Highlight=anonymous access


I think what you looking for is to setup K2 for external access. The issue happens is with Authentication URL, which is pointed to internal server. What you need is form authentication for external Server. Go to the IIS server of the external server and change the Web.Config for K2. In config file you will find FormSTS turn the flag on for form STS and turn the flag off for WindowsSTS.

Reply