Difference between revisions of "Installation FAQs"

Installation FAQs

Answers to commonly asked installation questions.

What is Memcached?

Memcached is a third party caching mechanism which is used by the platform to cache the platform Application Data and other required elements, which can improve performance by minimizing the user response time to the server.

Learn more: Configure Memcached

Is the communication secure using the platform?

For secure communication, You should always use https://yourdomain/networking/Service to access the Platform. The platform provides a default self-signed certificate which is used by the Application Server.

This certificate can be replaced with your own certificate, purchased from VeriSign. For more instructions on replacing your own certificate, please follow the instructions at Certificate Signing Request (CSR) Generation Instructions-Tomcat

How do I obtain and install an SSL Certificate?

Managing SSL Certificates

Obtaining an SSL Certificate

The platform provides a default self-signed certificate which is used by the Application Server.

To obtain and install your own SSL Certificate, make a request to a Certificate Authority (CA). An SSL certificate authenticates a website to a web browser, part of a security protocol to manage secure data exchange.

The CA will accept your Certificate Signing Request and generate a certificate which identifies your website as a secured website.

To create a Certificate Signing Request (CSR)

1. Create a keystore and a private key:

cd {install_dir}/tomcat/conf/RN
keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore {keystore_filename}

2. Create a CSR from the keystore

keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr 
        -keystore {keystore_filename}

3. Submit the resulting file, certreq.csr, to the CA to obtain a certificate.
(When the certificate arrives, you are ready for the next step of steps.)

To Install the Certificate Obtained from the CA

Once you have obtained a certificate, you need to import it into the keystore.

But first, in addition to your certificate, the CA might provide a Chain/Root Certificate, which must also be imported. If you have received a chain certificate from the CA, then:

1. Copy the contents of the chain certificate into a file called chain

2. Import the chain certificate into your keystore:

keytool -import -alias root -keystore {keystore_filename} 
        -trustcacerts -file chain

When the chain certificate (if any) has been imported, you are ready for the final step:

3. Import the certificate received from the CA:

keytool -import -alias tomcat -keystore {keystore_filename} 
        -trustcacerts -file {certificate_filename}

Replacing the Default SSL Certificate

To replace the certificate:

1. Add the new certificate to this directory:

   {install_dir}/tomcat/conf/RN

2. Edit {install_dir}/tomcat/conf/server.xml file
3. Replace the following line:

   keystoreFile="conf/RN/thirdParty" keystorePass="algrsa"

   with:

   keystoreFile="conf/RN/your_certficate_file_name"

   keystorePass="your_password_for_certificate_store"

4. Save the file
5. Restart the application server

The Application Server will now use your certificate file for communication over https.

Learn More

• Certificate Signing Request (CSR) Generation Instructions-Tomcat, at
  https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR227

On what port does the Application Server run?

The Application Server runs on the following ports. Please ensure these ports are open for your network.

• Default Non SSL port 80
• Default SSL port 443
• Default Server Port 8006

Can I run Application Server on a different port?

Yes, you can choose to run the Application Server on a different port other than default port.

To run the Application Server on a different port: A. Edit the file longjump_installation/tomcat/conf/server.xml

1. Change the port number to the new port number
2. Save the file

B. Edit the file longjump_installation/tomcat/conf/RN/networking.properties

Change the port numbers highlighted below:

@ Service Configuration
Service domain: www.example.com:8080

@ Server.xml
<Connector port="8080" ...

@ networking.properties<br>current_server=http://127.0.0.1:8080/networking

@ Database Relationals @ Table NETWORK_GLOBAL_PROPERTIES @ Column import_document_server = <ip>:8080 document_server = <ip>:8080 public_document_server = <ip>:8080

C. Restart the Application Server

Does the Application Server support any other Database Server other than MySQL?

Currently, the Application Server supports MySQL.

Is it possible to run the Application Server on one server and have Database Server MySQL running on another remote server?

Yes, the Application Server can be isolated on one machine and MySQL can be run on another remote machine.

Permissions need to be enabled on MySQL to allow the web servers to be able to access the database server. This can be done using the GRANT command of MySQL:

GRANT ALL ON *.* to 'root'@'web server IP Address' IDENTIFIED BY 'password'

How do I point a web server running the Application Server to a Remote Database server?

To direct a Remote Database Server to the Application Server:

1. Edit the file longjump_installation/tomcat/conf/server.xml
2. Replace url="jdbc:mysql://{domain}/relationals" with url="jdbc:mysql:// IP address of remote Database Server/relationals"

   Where IP address of remote Database Server is the IP address of the remote database server

3. Save the file
4. Restart the Application Server

How do I control the various servers which run inside the Application Server?

See Managing Backend Services

What kind of Housekeeping is Needed

Removing old data and old files that are no longer needed helps to keep both server and platform running smoothly.

Learn more: Housekeeping

Licensing

How do I read my license?

Open a command prompt and type the following command:

java –cp longjump_installation/tomcat/lib/es.jar com.es.customerLicense.ReadLicense

How do I check that my license is valid?

Open a command prompt and type the following command:

java –cp longjump_installation/tomcat/lib/es.jar com.es.customerLicense.ReadLicense

How will I be know when my license needs to be renewed?

The LongJump Platform monitors the license expiration date automatically. Following the end date of the license period, a seven-day grace period begins. During this grace period, an email notification is sent daily, until the license is renewed, or the grace period ends.

Can I use REST API to query my license?

Yes, a REST API License Resource is available. Use this resource to query each server for the license details, or use the resource to implement your own custom notification policies.

Learn more: License Resource

Troubleshooting

Error Sending Email Messages

If you receive the following error message, it is likely due to an incorrectly configured hostname.

Error in Sending Email:  501 Syntax: HELO hostname

To identify this issue try the following:

• Find the hostname of the server by executing the following command.

#hostname web1.mydomain.com

• Check if you can ping the hostname (the ping should be successful):

#ping web1.mydomain.com

• Check if you can resolve the hostname (nslookup should be able to resolve the hostname without any errors):

#nslookup web1.mydomain.com

If all of the remedies are not successful, work with your service provider or consult the Operating System documentation to configure a valid hostname for your server.

The hostname can be configured in the following files:

/etc/sysconfig/network

/etc/hosts

Out Of Memory Error

Follow these instructions to resolve OutOfMemoryError: PermGen Space errors:

1. Edit this file:

   /longjump_app_Server/tomcat/bin/catalina.sh

2. Add the following line at the end of the CATALINA_OPTS options:

   -XX:PermSize=500m -XX:MaxPermSize=500m

3. Save the file and restart the Applications Server

If OutOfMemoryError: PermGen Space errors continue, the 500m option can be increased, depending upon the available memory.

My Documents are not being uploaded/downloaded or Imports are not working

A non-SSL tomcat connector is required for the document and import servers. These servers listen to port 80 by default.

Optionally, a different port can be selected. If documents are not being uploaded/downloaded or imports are not running, run the following patch. In this example, port 8080 is used. Be sure to change the port number to match the configuration in your environment.

1. Login into mysql as root and execute the following queries:

   Mysql>Begin;

   Mysql> update relationals.NETWORK_GLOBAL_PROPERTIES SET document_server='http://locahost:8080

   /networking',public_document_server='http://localhost:8080/networking',import_document_server=

   'http://localhost:8080/networking';

   Mysql>commit;

2. Restart memcached
3. Restart the application server

Learn More

• Platform Installation Guide
• System Administration Guide
• Service Provider Settings