Installing CCC
After you've created a root of trust, follow these steps to install the CCC server, while ensuring that you are logged in as a root user:
Downloading the CCC license file:
-
Log in to Thales Group Licensing Portal, using the details provided in the entitlement email you have received.
-
Activate your CCC license and then download the license file. A Freemium license file is included in the CCC package that you'll be downloading in the next step.
Downloading the CCC package:
-
Log in to Thales Customer Support Portal and download the CCC package on to the CCC server.
-
Unzip the CCC package and then go to the directory containing the RPM file and installation script.
Checking installation requirements:
-
Run the
sh install.sh -check
command to check whether your system meets all the requirements for installing CCC. -
If your system meets the hardware and software requirements, you will see a message stating that your system meets all the requirements, following which you can type proceed to begin the installation process.
-
If your system does not meet the hardware or software requirements needed for installing CCC, there are two possibilities:
a. You'll see one or more warning messages indicating the missing components, following which you can either continue with the installation process or install the missing components first and then resume the installation process by running the
sh install.sh -check
command again.b. The installation process will get terminated due to errors and you will not be able to proceed further.
You'll be asked to provide appropriate inputs at various stage of the installation process. The default inputs have been indicated by way of square brackets, wherever applicable. In case you press Enter without providing an input, the default inputs will be considered for the purpose of installation.
Setting umask: You will see a message indicating that umask has been set to 0022.
Installing CCC RPM: The Crypto Command Center RPM package will be installed on your system.
If a Crypto Command Center RPM package is already installed on your system, you'll be asked whether you want to uninstall and then reinstall the package.
Installing JDK: Java will be installed on your system. You'll be asked whether you wish to provide the path of an already installed JDK. If not, JDK be installed from the Web.
Installing a database: Specify the database that you want to install. Press 1 if you want to install PostgreSQL, or press 2 if you want to install Oracle.
CCC supports one-way SSL authentication for PostgreSQL database.
Installing PostgreSQL: Select Y to use CCC installer or N to install PostgreSQL manually.
-
If you opt for using the CCC installer, a check is performed for any existing version of PostgreSQL on your machine. If an existing version is found, it is offered to you for reconfiguration. If an existing version is not found, you need to specify whether you want to do the PostgreSQL installation through the Internet or via a local directory. Depending on your choice, PostgreSQL gets installed on your machine. After PostgreSQL has been installed, you need to complete the rest of the installation process, as explained in steps below.
In case you see an error message, ensure that you are meeting all the requirements for PostgreSQL installation.
-
If you opt for installing PostgreSQL manually, refer to the Installing PostgreSQL Manually section for detailed steps. After you've installed PostgreSQL manually, you need to configure CCC, as described in the Configuring CCC section. You can skip the rest of the steps on this page.
In case you see an error message, ensure that you are meeting all the requirements for PostgreSQL installation.
Installing Oracle Database: If you opt for installing the Oracle database, refer to the Installing an Oracle Database section of this guide. After installing Oracle, you need to configure CCC, as described in the Configuring CCC section. You can skip the rest of the steps on this page.
To install Oracle, it is recommended that you should consult a trained Oracle Database Administrator (DBA). The DBA must refer the instructions provided in the Installing Oracle Databasesection.
Providing PostgreSQL listen address: After you've installed PostgreSQL locally, you'll be asked to provide PostgreSQL listen address, which could either be a hostname or IP address. We recommend that you should provide 127.0.0.1 as the PostgreSQL listen address to identify the server in all configuration files. Unlike a hostname, 127.0.0.1 can be used in all the files.
Configuring syslog: Specify whether you want to configure syslog for PostgreSQL database logs.
Configuring SSL: You need to specify whether you want to configure PostgreSQL with SSL. If you choose Yes, you'll be asked to provide SSL Certificate details, as described in the steps that follow. If you choose No, the SSL Certificate related steps will not be applicable to you.
Creating database password: You need to create a database password.
Creating a self-signed certificate: If you are configuring PosgreSQL with SSL, you need to create a self-signed certificate that will enable secure communication between the CCC server and PostgreSQL database. To do so, you need to specify your hostname, name of the organization unit, name of the organization, name of your city, name of your state or province, your 2-letter country code, and your email address.
After you've installed CCC, you need to change your current directory to /usr/safenet/ccc and initiate the CCC configuration process, as explained in the Configuring CCC section.