installation guide - radiant logic
TRANSCRIPT
CFS INSTALLATION GUIDE V3.X
CFS Installation Guide
Table of Contents
Installation Prerequisites ........................................................................ 2
CFS Requirements .................................................................................................. 2
Supported Operating Systems ............................................................................................ 2
Minimum Hardware Requirements ...................................................................................... 2
Supported Applications ....................................................................................................... 2
Firewall Ports ...................................................................................................................... 2
Other .................................................................................................................................. 2
Radiant Trust Connector Requirements .................................................................. 3
RadiantOne CFS ................................................................................... 3
Installing CFS .......................................................................................................... 3
Changing the Default SSL Certificate in IIS ......................................................................... 6
Updating the VDS Certificate .............................................................................................. 8
Radiant Trust Connectors ...................................................................... 9
Installing an RTC ..................................................................................................... 9
Verifying the RTC Configuration.........................................................................................10
Adding a Certificate to use with an RTC .............................................................................12
Uninstalling CFS .................................................................................. 14
Uninstalling an RTC ............................................................................. 14
CFS INSTALLATION GUIDE V3.X
Installation Prerequisites
This section describes the prerequisites for installing the Cloud Federation Service (CFS) and
Radiant Trust Connectors (RTCs). CFS does not have to be installed on a VDS server;
however, the VDS server must be accessible to the server that CFS is installed on.
CFS Requirements
Windows users without administrator privileges may launch the CFS installer; however,
administrator credentials are required to complete the CFS installation. You will be prompted to
enter the administrator credentials during installation. SSL must be enabled on the VDS prior to
installing CFS.
Supported Operating Systems
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Minimum Hardware Requirements
Memory: 1GB
Disk Space: 750 MB
CPU: Intel Pentium 2.4GHz or equivalent
Supported Applications
A list of supported applications is available in the CFS System Administrator dashboard. Refer
to Applications Web Gallery Node in the dashboard for more information.
Firewall Ports
CFS must access RadiantOne VDS on the configured LDAP SSL port which by default is 636.
This port must be opened between the CFS and VDS machines.
Client browsers must access CFS on HTTP port 443.
SMTP is used to send automated emails from CFS. Please make sure the CFS machine can
access your SMTP server through the configured port.
Other
.NET Framework 4.5
ASP.NET v4Radiant
CFS INSTALLATION GUIDE V3.X
Radiant Trust Connector Requirements
IIS 7.5 (or higher)
RadiantOne CFS
The RadiantOne CFS and Radiant Trust Connector (RTC) install files are available via an FTP
site. Contact [email protected] for access information.
Installing CFS
The CFS installer automatically installs all the required components (including the monitoring
console), makes the necessary configurations, and creates a new web site in IIS.
To install CFS:
1. Log in to the Windows machine with the user you want to run CFS. This user does not
require Administrator privileges, but administrator credentials are required to complete
the installation CFS process.
2. Double click the executable (Radiant Logic, Inc. - Cloud Federation Service - <version
#>.exe) downloaded from the FTP site. The CFS installer launches.
3. Click the “I agree to the license terms and conditions” check box and click Install.
4. When asked if you want to allow CFS to make changes to the computer, click Yes. If
prompted, enter an administrator password.
Figure 1: Enter an administrator password.
CFS INSTALLATION GUIDE V3.X
Figure 2: The CFS installer automatically configuring all required components
5. The VDS SSL certificate must be trusted on the CFS machine (in the computer
certificate store).
6. Enter the VDS connection parameters. This is the connection to the VDS that CFS will
point to for authenticating users and retrieving attributes. Since CFS connects to VDS
over SSL (and the FQDN of the VDS machine is the subject in the generated certificate),
you must enter the FQDN for the host. To make sure you have the correct address for
your VDS, open the SSL certificate and use the issuer property for the host.
CFS INSTALLATION GUIDE V3.X
Figure 3: VDS Configuration during the CFS installation
Important Note –During the install of CFS, the public key will be retrieved from
the VDS server certificate and will be used to encrypt the communication
between CFS and VDS. For more details, see Updating the VDS Certificate.
7. Click Next. This completes the configuration portion of the installation.
CFS INSTALLATION GUIDE V3.X
Figure 4: Click the Install button
8. Click Install.
9. Click Finish.
Changing the Default SSL Certificate in IIS
If no SSL certificate is present prior to installation, the CFS installer installs a self-signed
certificate in IIS to enable HTTPS. This certificate should be replaced. If it is not replaced, a web
browser warning message will be displayed when users try to access the CFS portal site
because the certificate is not valid.
Figure 5: Self-signed certificate to be replaced in IIS
CFS INSTALLATION GUIDE V3.X
To change the server certificate:
1. Open the IIS Manager and navigate to the CFS website.
Figure 6: CFS Website in IIS Manager
2. On the right side of the IIS Manager, under the Actions menu, click “Bindings…”
Figure 7: Actions menu Bindings
3. Select the https binding, and click “Edit…”
Figure 8: Site Bindings Edit
4. From the “SSL Certificate” drop-down menu, select the certificate you want to install in
IIS. (This certificate must contain a private key, and should be issued from a Certificate
Authority).
CFS INSTALLATION GUIDE V3.X
Figure 9: Selecting the SSL certificate to install in IIS
5. Click OK to close the Edit Site Binding box.
6. Click Close the Site Bindings box.
Updating the VDS Certificate
If you change the VDS server certificate, perform the following steps.
1. Open IIS Manager and navigate to the CFS Website -> cfs folder.
2. On the right-hand side (in the Features View), double-click on .
3. On the right-hand side, under the “Actions” section, click on Change the VDS.
4. Enter the password for the VDS directory manager account and click OK.
5. Restart IIS.
6. Launch the CFS portal page to verify that the new VDS server certificate can be properly
used by CFS. The VDS certificate used by CFS will be updated upon successfully
reconnecting.
CFS INSTALLATION GUIDE V3.X
Radiant Trust Connectors
Install an RTC for each Active Directory domain you want to use as an Authentication System
within CFS. RTCs must be associated with an Application Pool on .NET 4. The installation must
be on an SSL connection. It is advised that the default self-signed certificate for each RTC be
replaced with a certificate designated exclusively for use by that RTC.
Installing an RTC
To install an RTC:
1. Double click Radiant Logic, Inc. CFS Radiant Trust Connector - <version#>.exe.
2. Check the “I agree to the license terms and conditions” check box and click Install.
3. When asked if you want to allow the installer to make changes to the computer, click
Yes. If prompted, enter an administrator password.
4. Follow the installer instructions. The installer automatically downloads the RTC to the
default RTC site in IIS.
5. Click Next.
6. Click Install.
CFS INSTALLATION GUIDE V3.X
Figure 10: Radiant Trust Connector installer
7. Click Finish to exit the installer.
Verifying the RTC Configuration
Verify that the RTC is configured correctly. Check if you can access the RTC site:
1. Open the IIS Manager and navigate to the RTC site (RadiantOne Cloud Federation
Service CFS Website).
2. Select the CFS Website application.
Figure 11: IIS Manager, CFS Website Home
CFS INSTALLATION GUIDE V3.X
3. Go to Manage Application Browse Application and click “Browse *:443(https)”
Figure 12: Select “Browse*:443(https)
4. If there is a Certificate Error warning, select “Continue to this website”.
Figure 13: Certificate Error warning
5. If you are asked if you want to view only the webpage content that was delivered
securely, choose “No.”
Note – This warning is displayed if you have not yet installed a trusted SSL
certificate in IIS. You should replace the default certificate installed by the CFS
installer with a new one designated specifically for use by CFS. This certificate
should be issued by a Certificate Authority. For instructions on how to change
the certificate in IIS, refer to Adding a Certificate to use with an RTC.
6. You should now be at the Radiant Trust Connector site.
Note – The website loads slowly the first time you navigate to your newly
installed RTC.
CFS INSTALLATION GUIDE V3.X
Figure 14: Radiant Trust Connector Site
Adding a Certificate to use with an RTC
When deploying in a production environment, you should replace the certificate with a certificate
issued by a Certificate Authority. This section describes the method for replacing the certificate
to use with the RTC.
To add a certificate to use with an RTC:
1. Navigate to the RTC on IIS Manager.
2. In the list of features, click “Radiant Trust Connector.”
CFS INSTALLATION GUIDE V3.X
Figure 15: IIS Manager, RTC
The default certificate for the RTC is displayed.
CFS INSTALLATION GUIDE V3.X
Figure 16: Default certificate used by the RTC
3. In the actions list, click “Change the certificate.” The Change the certificate window is
displayed.
Figure 17: Change the certificate
4. Click the browse (“…”) button next to the Certificate file (.pfx) field.
5. Select a .pfx file and click OK.
6. Enter a password.
7. Click OK to close the Change the certificate window.
Uninstalling CFS
To uninstall CFS, go to the Windows Start Menu RadiantOne CFSUninstallers
Uninstall CFS. Follow the guided uninstall steps.
Uninstalling an RTC
To uninstall an RTC, go to the Windows Start Menu RadiantOne Uninstallers Uninstall
RTC. Follow the guided uninstall steps.