Installing CADP for C on Windows
This section covers how to install CADP for C on Windows.
Note
If you do not have Visual Studio installed on the machine(s) you plan to run the CADP for C utilities, when you attempt to run a utlility, it may fail and you may not obtain the certificates while installing. If you do run into this issue, install the Microsoft VC++ 2010 re-distributable (VCredist2010_x64) package. Refer to the Microsoft website to download the latest versions of the Microsoft VC++ 2010 re-distributable packages (for 64-bit per your system configuration).
Note
To generate SSL/TLS certificates using the CADP for C installer, the CipherTrust Manager user must have the CA Admins, Read-Only Admins, and Key Users privileges.
You can install CADP for C on Windows in the following two ways:
GUI Based Installation
Note
If you plan to use an external CA with the CipherTrust Manager and CADP for C, then you will need to configure the SSL settings for the CADP for C (client) manually. During the CADP for C installation, select TCP within the Protocol Information page when prompted. Then after the installation, manually configure the client for SSL settings. Refer to Configuring the Client for more information.
Download the CADP for C setup file from the Thales Customer Support Portal.
Double-click the setup executable (
setup.exe) to start the InstallShield Wizard. The Welcome page displays. Click Next.
From the License Agreement page, select I accept the terms in the license agreement and click Next if you wish to accept the terms of the license agreement.
From the Destination Folder page, click Next to install to the default installation folder. If you wish to select a different installation folder to use for this installation, click Change, enter the path to the folder of your choice, and then click Next to install to the specified installation folder.
On the Registration Token Information page, select an option from the drop-down menu. The options are Yes and No. To know more about creating a registration token, click here.
If you are using Domain CA while creating the client profile, refer to the steps mentioned on this link.
Select Yes and click Next.
Provide the Server IP/Hostname, Server Port, Registration Token, and Passphrase details.
Note
• Registration token is supported with CipherTrust Manager 2.15.0 and above.
• Registration token must be provided in ASCII format.
Click Next.
Select No and click Next.
From the Protocol Information page > Server Protocol list, select the protocol to use to communicate with the CipherTrust Manager. The options are TCP and SSL. The default server protocol to use is SSL. Choose your desired option from the drop-down menu
Select TCP as server protocol. Click Next.
From the Logon Information page, enter the information to be used to communicate with the CipherTrust Manager:
Server IP/Hostname: IP address or hostname of the CipherTrust Manager.
Server Port: Server port number of the CipherTrust Manager interface.
Click Next.
Select SSL as server protocol. Click Next.
From the Logon Information page, enter the information to be used to communicate with the CipherTrust Manager:
User name: Username associated with the user account to use to log into the CipherTrust Manager.
Password: Password (associated with the username) to use to log into the CipherTrust Manager.
Server IP/Hostname: IP address or hostname of the CipherTrust Manager.
Server Port: Server port number of the CipherTrust Manager interface.
Click Next.
From the Certificate Information page, enter the information to be incorporated into a Certificate Signing Request (CSR) for the SSL client certificate:
Common Name (mandatory)
Passphrase/PIN (mandatory)
State
City
Organization Name
Organization Unit
Country
Email Address
Click Next.
Click Install to begin the installation process.
After the installation is complete, the 'InstallShield Wizard Completed' page displays. Click Finish to exit the installation wizard.
Silent Installation
For the silent installation on Windows, you will need to provide the basic configuration settings in the configuration file named cadp_for_c_basic.conf first. During the silent installation, the CADP_PKCS11.properties and CADP_CAPI.properties files are automatically updated with the settings you provide in the configuration file.
For more information about the configuration file and how to configure it, see Modifying the CADP for C Configuration File.
To install CADP for C on Windows silently:
Modify the
cadp_for_c_basic.conffile per your environment. If you want to use the registration token while installing CADP for C, you must update the config file with a new parameter REG_TOKEN. The default value of this parameter would be empty.Execute the following command:
setup.exe /S /v"/qn CONFIGPATH=<path of cadp_for_c_basic.conf file>"For example:
setup.exe /S /v"/qn CONFIGPATH=C:\Users\Administrator\Desktop\cadp_for_c_basic.conf"
Note
Ensure that the name of the folder, where your cadp_for_c_basic.conf file is placed, must not contain any space. For example, C:\folder_name 1\cadp_for_c_basic.conf is invalid whereas C:\folder_name1\cadp_for_c_basic.conf is valid.
Caution
Do not use cadp_for_c_basic.exe for any operation.
Note
After installation, if you have selected SSL protocol, ensure that there is no error log present in <install_folder>/logs/cadp_for_c_basic.log. If there are any error in the logs, you need to re-run the installer with correct values.
Client Certificate Renewal
To know how to renew the client certificate, click here.
