Providing External Access for the Xp Single Developer Installation

One of the most used installations from Sitecore is the Single Developer instance, where you have the following running on one machine:

  • Sitecore with a Standalone Role
  • Identity Server
  • xConnect

Once installation is complete a developer can visit http://sc.local, and they're off to the races. By the way, sc is the prefix used during installation, and we'll reference it by [prefix] from now on.

This is convenient, but in a team environment we want other developers to access our VM if we need to collaborate, troubleshoot, etc. Also, and I can't stress this enough, VMs should be used so checkpoints can be applied in the event disaster recovery is needed. Our typical configuration is to have multiple VMs on our developer machines (one for each client), and have the one we're working on turned on at the time. With the use of TDS, Visual Studio is able to build and deploy to the VM from the host machine, and this all makes for a lightweight and efficient configuration.

So how do we get here? How is the VM reconfigured to host externally? There are some post-installation steps needed to get where we need to be. While we're at it, we're going to use our organization's SSL certificate since the generated ones will eventually expire, and configure the site to use SSL.

These steps are done in the VM, so use a console or RDP to it:

  1. If not installed already, import your organization's SSL certificate into the credential manager (personal) on the VM so IIS can use it. Once installed, open it by double clicking and get the thumbprint under Details.

  2. In IIS bind identity server to port 444, using your new certificate and remove the host name.

  3. Do the same for the xConnect site, using port 442.

  4. Allow ports 444 and 442 through the firewall.

  5. Add port 443 using your new certificate to the main Sitecore site in IIS. Ensure the host name for both port 443 and 80 are set to the navigable machine URL.

  6. Edit Sitecore.Owin.Authentication.IdentityServer.config in Sitecore and change https://[ machine name].identityserver  to the navigable URL of your VM (https://[machine name]:444/).

  7. In Identity Server, edit Sitecore.IdentityServer.Host.xml, changing the root password recovery URL so http://[prefix].site is replaced with https://[machine name]. Also change the thumbprint to your new certificate's one.

  8. Do the same for the thumbprint in in xConnect, change appsettings.config file and the ones in App_Data\jobs\continuous\AutomationEngine\App_Config\ ConnectionStrings.config and App_Data\jobs\continuous\ProcessingEngine\App_Config\ ConnectionStrings.config. Also change [prefix].xconnect to https://[machine name]:442

  9. In the main site's connectionstrings.config file, change the thumbprints here too. Also change [prefix].xconnect to https://[machine name]:442

  10. Open MMC.exe and add the certificates snap in. Go to Personal and find your certificate, right click on it and choose All Tasks -> Manage Private Keys. Add all 3 the app pool users for the installation by using the prefix like this: “iis apppool\[prefix].site”

  11. In Sitecore, deploy marketing definitions, and republish the entire website.

  12. Restart the site and check the new logs to make sure there are no exceptions.

 That's it. Now Sitecore will serve up the site, over SSL, to anyone visiting this VM on the network.