installation guide - radiant logic

CFS INSTALLATION GUIDE V3.X

CFS Installation Guide

Table of Contents

Installation Prerequisites ........................................................................ 2

CFS Requirements .................................................................................................. 2

Supported Operating Systems ............................................................................................ 2

Minimum Hardware Requirements ...................................................................................... 2

Supported Applications ....................................................................................................... 2

Firewall Ports ...................................................................................................................... 2

Other .................................................................................................................................. 2

Radiant Trust Connector Requirements .................................................................. 3

RadiantOne CFS ................................................................................... 3

Installing CFS .......................................................................................................... 3

Changing the Default SSL Certificate in IIS ......................................................................... 6

Updating the VDS Certificate .............................................................................................. 8

Radiant Trust Connectors ...................................................................... 9

Installing an RTC ..................................................................................................... 9

Verifying the RTC Configuration.........................................................................................10

Adding a Certificate to use with an RTC .............................................................................12

Uninstalling CFS .................................................................................. 14

Uninstalling an RTC ............................................................................. 14


Installation Prerequisites

This section describes the prerequisites for installing the Cloud Federation Service (CFS) and

Radiant Trust Connectors (RTCs). CFS does not have to be installed on a VDS server;

however, the VDS server must be accessible to the server that CFS is installed on.

CFS Requirements

Windows users without administrator privileges may launch the CFS installer; however,

administrator credentials are required to complete the CFS installation. You will be prompted to

enter the administrator credentials during installation. SSL must be enabled on the VDS prior to

installing CFS.

Supported Operating Systems

Windows Server 2008 R2

Windows Server 2012

Windows Server 2012 R2

Minimum Hardware Requirements

Memory: 1GB

Disk Space: 750 MB

CPU: Intel Pentium 2.4GHz or equivalent

Supported Applications

A list of supported applications is available in the CFS System Administrator dashboard. Refer

to Applications Web Gallery Node in the dashboard for more information.

Firewall Ports

CFS must access RadiantOne VDS on the configured LDAP SSL port which by default is 636.

This port must be opened between the CFS and VDS machines.

Client browsers must access CFS on HTTP port 443.

SMTP is used to send automated emails from CFS. Please make sure the CFS machine can

access your SMTP server through the configured port.

Other

.NET Framework 4.5

ASP.NET v4Radiant


Radiant Trust Connector Requirements

IIS 7.5 (or higher)

RadiantOne CFS

The RadiantOne CFS and Radiant Trust Connector (RTC) install files are available via an FTP

site. Contact [email protected] for access information.

Installing CFS

The CFS installer automatically installs all the required components (including the monitoring

console), makes the necessary configurations, and creates a new web site in IIS.

To install CFS:

1. Log in to the Windows machine with the user you want to run CFS. This user does not

require Administrator privileges, but administrator credentials are required to complete

the installation CFS process.

2. Double click the executable (Radiant Logic, Inc. - Cloud Federation Service - <version

#>.exe) downloaded from the FTP site. The CFS installer launches.

3. Click the “I agree to the license terms and conditions” check box and click Install.

4. When asked if you want to allow CFS to make changes to the computer, click Yes. If

prompted, enter an administrator password.

Figure 1: Enter an administrator password.

mailto:[email protected]


Figure 2: The CFS installer automatically configuring all required components

5. The VDS SSL certificate must be trusted on the CFS machine (in the computer

certificate store).

6. Enter the VDS connection parameters. This is the connection to the VDS that CFS will

point to for authenticating users and retrieving attributes. Since CFS connects to VDS

over SSL (and the FQDN of the VDS machine is the subject in the generated certificate),

you must enter the FQDN for the host. To make sure you have the correct address for

your VDS, open the SSL certificate and use the issuer property for the host.


Figure 3: VDS Configuration during the CFS installation

Important Note –During the install of CFS, the public key will be retrieved from

the VDS server certificate and will be used to encrypt the communication

between CFS and VDS. For more details, see Updating the VDS Certificate.

7. Click Next. This completes the configuration portion of the installation.


Figure 4: Click the Install button

8. Click Install.

9. Click Finish.

Changing the Default SSL Certificate in IIS

If no SSL certificate is present prior to installation, the CFS installer installs a self-signed

certificate in IIS to enable HTTPS. This certificate should be replaced. If it is not replaced, a web

browser warning message will be displayed when users try to access the CFS portal site

because the certificate is not valid.

Figure 5: Self-signed certificate to be replaced in IIS


To change the server certificate:

1. Open the IIS Manager and navigate to the CFS website.

Figure 6: CFS Website in IIS Manager

2. On the right side of the IIS Manager, under the Actions menu, click “Bindings…”

Figure 7: Actions menu Bindings

3. Select the https binding, and click “Edit…”

Figure 8: Site Bindings Edit

4. From the “SSL Certificate” drop-down menu, select the certificate you want to install in

IIS. (This certificate must contain a private key, and should be issued from a Certificate

Authority).


Figure 9: Selecting the SSL certificate to install in IIS

5. Click OK to close the Edit Site Binding box.

6. Click Close the Site Bindings box.

Updating the VDS Certificate

If you change the VDS server certificate, perform the following steps.

1. Open IIS Manager and navigate to the CFS Website -> cfs folder.

2. On the right-hand side (in the Features View), double-click on .

3. On the right-hand side, under the “Actions” section, click on Change the VDS.

4. Enter the password for the VDS directory manager account and click OK.

5. Restart IIS.

6. Launch the CFS portal page to verify that the new VDS server certificate can be properly

used by CFS. The VDS certificate used by CFS will be updated upon successfully

reconnecting.


Radiant Trust Connectors

Install an RTC for each Active Directory domain you want to use as an Authentication System

within CFS. RTCs must be associated with an Application Pool on .NET 4. The installation must

be on an SSL connection. It is advised that the default self-signed certificate for each RTC be

replaced with a certificate designated exclusively for use by that RTC.

Installing an RTC

To install an RTC:

1. Double click Radiant Logic, Inc. CFS Radiant Trust Connector - <version#>.exe.

2. Check the “I agree to the license terms and conditions” check box and click Install.

3. When asked if you want to allow the installer to make changes to the computer, click

Yes. If prompted, enter an administrator password.

4. Follow the installer instructions. The installer automatically downloads the RTC to the

default RTC site in IIS.

5. Click Next.

6. Click Install.


Figure 10: Radiant Trust Connector installer

7. Click Finish to exit the installer.

Verifying the RTC Configuration

Verify that the RTC is configured correctly. Check if you can access the RTC site:

1. Open the IIS Manager and navigate to the RTC site (RadiantOne Cloud Federation

Service CFS Website).

2. Select the CFS Website application.

Figure 11: IIS Manager, CFS Website Home


3. Go to Manage Application Browse Application and click “Browse *:443(https)”

Figure 12: Select “Browse*:443(https)

4. If there is a Certificate Error warning, select “Continue to this website”.

Figure 13: Certificate Error warning

5. If you are asked if you want to view only the webpage content that was delivered

securely, choose “No.”

Note – This warning is displayed if you have not yet installed a trusted SSL

certificate in IIS. You should replace the default certificate installed by the CFS

installer with a new one designated specifically for use by CFS. This certificate

should be issued by a Certificate Authority. For instructions on how to change

the certificate in IIS, refer to Adding a Certificate to use with an RTC.

6. You should now be at the Radiant Trust Connector site.

Note – The website loads slowly the first time you navigate to your newly

installed RTC.


Figure 14: Radiant Trust Connector Site

Adding a Certificate to use with an RTC

When deploying in a production environment, you should replace the certificate with a certificate

issued by a Certificate Authority. This section describes the method for replacing the certificate

to use with the RTC.

To add a certificate to use with an RTC:

1. Navigate to the RTC on IIS Manager.

2. In the list of features, click “Radiant Trust Connector.”


Figure 15: IIS Manager, RTC

The default certificate for the RTC is displayed.


Figure 16: Default certificate used by the RTC

3. In the actions list, click “Change the certificate.” The Change the certificate window is

displayed.

Figure 17: Change the certificate

4. Click the browse (“…”) button next to the Certificate file (.pfx) field.

5. Select a .pfx file and click OK.

6. Enter a password.

7. Click OK to close the Change the certificate window.

Uninstalling CFS

To uninstall CFS, go to the Windows Start Menu RadiantOne CFSUninstallers

Uninstall CFS. Follow the guided uninstall steps.

Uninstalling an RTC

To uninstall an RTC, go to the Windows Start Menu RadiantOne Uninstallers Uninstall

RTC. Follow the guided uninstall steps.

installation guide - radiant logic

Documents