Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Install or upgrade a Fortified ID product on a Windows server.
Note! This use case, "Install on Windows", will install a Fortified ID product online or using downloaded files. If you do not have internet access on the server which you are going to install on, go to use case "Download JRE and Artifact for Windows" to download requested files.
Windows server 2019 or later. Local or cloud instances like AWS or Azure for example.
Installation scripts to do an Fortified ID product installation. Contact Fortified ID on info@fortifiedid.se for installation scripts.
Credential file to access Fortified ID product area. Contact Fortified ID on info@fortifiedid.se to get credentials.
Correct download URL for the product you like to install. Contact Fortified ID a info@fortifiedid.se to get correct URL.
There are three files to be used when installing a Fortified ID product
Note. You need a Windows host with a later version of Powershell as you download computer.
There are three files to use when downloading a Fortified ID product offline. If you do not have the three scripts, check the prerequisite section.
We will put the three files in c:\temp in this use case.
install_fortifiedid_product.properties
install_fortifiedid_product.ps1
customer_access_credentials.json
Update install_fortifiedid_product.properties with the application you like to install.
Open install_fortifiedid_product.properties
Verify installation path on your Windows server
Note. If you have downloaded the JRE in advanced the JRE_LINK should look like e.g.,: JRE_LINK=c:\temp\fortifiedid-jre.zip
Verify installation path on your Windows server
Change memory for the application to use if needed.
If you need to use a proxy, uncomment the three commented lines.
Uncomment the product to install (not you can only install one product at time). You only uncomment four of the five rows. First row should not be uncomment. See example below where WEB should be installed
The APP_LINK value depend if you have online access or if you have predownloaded the artificat. Below is two examples how it can look like:
APP_LINK=https://fortifiedid.jfrog.io/artifactory/default-fortifiedid-libs-release-local/fortifiedid/integrity-server/2.0.0-RC30/integrity-server-2.0.0-RC30-dist.zip
APP_LINK=integrity-server-2.0.0-RC30-dist.zip
Save install_fortifiedid_product.properties
To install/upgrade application we use a PowerShell script.
Open a Windows PowerShell prompt on the Windows server. Make sure your run the prompt as an administrator.
In the PowerShell prompt, go to folder C:\temp. See command below.
In the PowerShell prompt, execute install_fortifiedid_product.ps1. See command below.
Type y to start installation. (Below we install Fortified ID Web as an example)
If you doing an upgrade you will get a question to backup the /application and /JRE folder. The files will located in a zip-file in a /backup folder. Note. The customer folder will nerver be touched doing an upgrade. Those files are protected.
Type y/n depending if you like to start service
Installation is now complete!
Open Windows Explorer
Go to C:\Program Files\FortifiedID\"app you installed"
You should find three folders
jre
application
customer
backup (you might have a backup folder depending on what you ansewerd during the upgrade and if you did an upgrade)
Open Windows Services
Verify that service Fortified ID "app you installed" exists
Using "RC releases"?! Note that only last 5 are stored and are frequently replaced with new and cannot be regenerated.
This use case will not install any Fortified ID product on Windows, it will only download JRE and Artifact. This is a prerequisite for an offline installation.
Note! If you have internet access from the Windows server, skip this use case and go to next use case, "Install on Windows".
A host that support Powershell. (E.g. Windows 11 or Windows 2019)
Download scripts to do an offline download of JRE and Fortified ID artifact. Contact Fortified ID on info@fortifiedid.se to get download scripts.
Credential file to access Fortified ID product area. Contact Fortified ID on info@fortifiedid.se to get credentials.
Correct download URL for the product you like to install. Contact Fortified ID a info@fortifiedid.se to get correct URL.
Note. You need a Windows host with a later version of Powershell as you download computer.
There are three files to use when downloading a Fortified ID product offline. If you do not have the three scripts, check the prerequisite section.
We will put the three files in c:\temp in this use case.
download_artifact_and_jre.ps1
download_artifact_and_jre.properties
customer_access_credentials.json
Update download_artifact_and_jre.properties with the application you like to download.
Open download_artifact_and_jre.properties
Add the URL for the app to download. Locate the two lines below.
Change download location if you like. (we will use default in this use case)
The script also support use of proxy for access if you have that demand.
Save download_artifact_and_jre.properties
Note. verify that you have the three files mentioned above in c:\temp.
Open a Windows PowerShell prompt on the Windows download computer. Make sure your run the prompt as an administrator.
In the PowerShell prompt, go to folder c:\temp. See command below.
In the PowerShell prompt, execute download_artifact_and_jre.ps1. See command below.
When script is completed you should two new files in c:\temp
fortifiedid-jre.zip
integrity-server-2.0.0-RC30-dist.zip (this is an example. You should see a zip-file with the name of the artificat you downloaded)
Move the two files to the windows server where you should do the installation.
To install a Fortified ID product on Windows, see use case Install on Windows
For some applications a .deb package is available. It is access using the Fortified ID installation repo. Example is provided using Ubuntu.
A user name and a credentials file provided by Fortified ID or a, by Fortified ID, approved partner.
A user on local system with appropriate privileges or sudo access.
By performing commands below you can installa Azul JAVA JRE
In terminal run:
3 repos are available:
https://fortifiedid.jfrog.io/artifactory/debian - includes both RC and stable
https://fortifiedid.jfrog.io/artifactory/release-debian-local - includes stable
https://fortifiedid.jfrog.io/artifactory/candiate-debian-local -includes RC's
In terminal run:
In terminal run
Verify by running:
No errors should occur.
Using "RC releases"?! Note that only last 5 are stored and are frequently replaced with new and cannot be regenerated.
Begin by obtaining authentication credentials from your Fortified ID representative. Use the credentials to log in to the FortifiedID Docker Registry by any available method, .
Example for Unix/Linux:
Transfer the token from customer_access_credentials.json to password.txt:
Open the customer_access_credentials.json file that you have received.
Locate and copy the access_token value.
Open or create the password.txt file.
Paste the access_token value into password.txt.
Replace <username> with your username that you have received in the following command and execute it.
Depending on your system configuration, you may need to run the logon command with different user rights, such as the root user and the current user account.
To verify the Docker setup, run the server:
Replace <container_display_name> with the container name and replace <product_name>:<version> with the image product name and version.
Parameter explanation:
Check the log to ensure that the server was successfully bootstrapped:
Using "RC releases"?! Note that only last 5 are stored and are frequently replaced with new and cannot be regenerated.
You can install a Fortified ID product on Windows either when online access is available from the server or if you have downloaded the files in advanced and moved them to the server.
This instruction includes two paths when installing a Fortified ID product on Windows.
You do NOT have internet access from your target Windows server. If you have internet access SKIP this step and go to step 2.
Follow
If you have internet access or have completed step 1, then it is time to installation.
Follow
| Direct system output to |
| Start the |
| Use the given configuration file. Path is relative to |
Installation is done by running a generic Bash script for all applications that uses a properties file defining product and account.
Linux OS 64-bit.
Unzip installed in the Linux OS.
cURL installed in the Linux OS
JAVA latest 21 JRE from Azul installed. Se documentation on how at:
Contact Fortified ID support to get the download credentials file, customer_access_credentials.json.
Latest version of the Bash script and property file.
Hardware requirement is depend on usage of the application
Minimum of 10 GB of drive space
Minimum 4 GB of RAM
Integrity is not CPU intensive; two virtual CPUs should work for most scenarios
Get installation package from Fortified ID.
Edit "FortifiedID_Online_Installation.properties":
Uncomment and enter values for:
APP_LINK=<url to product>
INSTALLATION_PATH=/opt/fortifiedid/web
DOWNLOADED_PRODUCT_FILENAME=<product_name>
Appropriate values are provided by FortifiedID
Place "customer_access_credentials.json" in the same directory as "FortifiedID_Online_Installation.properties". Execute the "linuxinstaller.sh" script.
Due to slight differences in Linux dialects, in some cases, errors may occur. In majority of cases it is related to updates to start.sh & stop.sh files.
Changes can be done manually after installation.
Contact FortifiedID if error you experience any installation errors
Update APP_LINK with new value and execute execute the linuxinstaller.sh script.
Folders, /application and /JRE, will be replaced during upgrade. Do not store any custom data there. The folder called /customer will not be replaced.
Installer skript needs TMPDIR variable. Before starting the script ensure this is present. If not set the variable.
Using "RC releases"?! Note that only last 5 are stored and are frequently replaced with new and cannot be regenerated.
Clustering is achieved by sharing sessions between nodes in the system using Hazelcast technology. To ensure this works effectively, an external load balancer is required in front to manage the distribution of requests among the nodes. For optimal performance, the load balancer should be configured to use sticky sessions, ensuring that a user’s session is consistently directed to the same node. For more details on how Hazelcast facilitates clustering, please refer to the Hazelcast website.
Enabling cluster is done by editing the "config.json" file. At top level in the file add:
Note that example above is the entire content of "config.json". This will NOT be the case in real world.
Attached is an example configuration. Download, edit and place where not removed on upgrade.
It is crucial that all nodes synchronise their clocks with the same time synchronisation servers. Since time is used as decision point selecting "last data".
If log shows "[AbstractXmlConfigHelper] WARN: Name of the hazelcast schema" the "xsi:schemaLocation" in cluster configuration file need to be updated. List of available schemas can be found at https://www.hazelcast.com/schema/config/ . Reference the one closest in version to the hazelcast version used. Current version is found under application lib-directory: hazelcast-xxx.jar
By default hazel cast sends usage data. This can be disabled by setting "hazelcast.phone.home.enabled" property in cluster configuration file: