IBM Sterling Secure Proxy: Instalação do SSP Configuration Manager

From Wiki

Pré-instalação

Required Files

  • SSP.V6010.Linux.zip -> IBM Sterling Secure Proxy Server V6.0.1.0 Linux x86_64

Linux User

First you need to create a user on you Linux host

useradd sspcmuser

Change password

passwd sspcmuser

Login with sspcmuser to do installation

Unpack installers

1) Create temporary directories

mkdir -p /home/sspcmuser/installers/

copy file SSP.V6010.Linux.zip to directory /home/sspcmuser/installers

2) Unzip pakages

cd /home/sspcmuser/installers

unzip SSP.V6010.Linux.zip 

Copiar o certificados do Sterling Secure Proxy (SSP) Server

Durante a instalação do SSP Server foram gerados os certificados utilizados pelo servidor. É preciso copiar alguns destes certificados para permitir que o Sterling Secure Proxy Configuration Manage (SSPcm) consiga conectar ao servidor.

Em produção o SSP e o SSPcm devem em máquinas separadas por questão de segurança.

Fazendo a cópia

[sspcmuser$ ˜] cd /home/sspcmuser

scp [email protected]:/home/sspuser/IBM/SSP/defKeyCert.txt .

Instalação do IBM Sterling Secure Proxy Configuration Manager

Executando o instalador

Change directory

cd /home/sspcmuser/installers/Linux64

Run installer

sh SSPcm.V6011.Linux_X64.bin  
Preparing to install
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...

Launching installer...
===============================================================================
IBM Secure Proxy Configuration Manager 6.0.1.1   (created with InstallAnywhere)
-------------------------------------------------------------------------------

Preparing CONSOLE Mode Installation...

Pressione ENTER

===============================================================================
Introduction
------------

InstallAnywhere will guide you through the installation of

IBM Secure Proxy Configuration Manager 6.0.1.1

Respond to each prompt to proceed to the next step in the installation.

You may cancel this installation at any time by typing <ctrl> c

PRESS <ENTER> TO CONTINUE: 

Pressione 1 para aceitar a licença

===============================================================================
    International Program License Agreement
    
    Part 1 - General Terms
    
    BY DOWNLOADING, INSTALLING, COPYING, ACCESSING, CLICKING ON AN
    "ACCEPT" BUTTON, OR OTHERWISE USING THE PROGRAM, LICENSEE AGREES TO
    THE TERMS OF THIS AGREEMENT. IF YOU ARE ACCEPTING THESE TERMS ON
    BEHALF OF LICENSEE, YOU REPRESENT AND WARRANT THAT YOU HAVE FULL
    AUTHORITY TO BIND LICENSEE TO THESE TERMS. IF YOU DO NOT AGREE TO
    THESE TERMS,
    
    * DO NOT DOWNLOAD, INSTALL, COPY, ACCESS, CLICK ON AN "ACCEPT" BUTTON,
    OR USE THE PROGRAM; AND
    
    * PROMPTLY RETURN THE UNUSED MEDIA, DOCUMENTATION, AND PROOF OF
    ENTITLEMENT TO THE PARTY FROM WHOM IT WAS OBTAINED FOR A REFUND OF THE
    AMOUNT PAID. IF THE PROGRAM WAS DOWNLOADED, DESTROY ALL COPIES OF THE
    PROGRAM.
 
Press Enter to continue viewing the license agreement, or enter "1" to 
   accept the agreement, "2" to decline it, "3" to print it, or "99" to go back
   to the previous screen.: 1

Informar o diretório de instalação e confirmar

===============================================================================
Choose Installation Folder
--------------------------

Where would you like to install?

  Default Install Folder: /opt/Sterling/SSPcm

ENTER AN ABSOLUTE PATH, OR PRESS <ENTER> TO ACCEPT THE DEFAULT
      : /home/sspcmuser/IBM/SSPcm

INSTALL FOLDER IS: /home/sspcmuser/IBM/SSPcm
   IS THIS CORRECT? (Y/N): Y

Pressione ENTER para aceitar a porta default

===============================================================================
Specify Configuration Manager Listen Port
-----------------------------------------

Enter the SSP Configuration Manager Listen Port #.

ENTER PORT NUMBER, OR PRESS <ENTER> TO ACCEPT DEFAULT (Default: 62366): 


O instalador informa a politíca de senha, pressione ENTER

===============================================================================
Password policy
---------------

Passwords must be 6 to 28 characters string with at least one digit, one upper
case letter, one lower case letter, one special symbol !@#$%^& and not more 
than 2 consecutive character repetition

------------------------------------------------------------------------------

PRESS <ENTER> TO CONTINUE: 

Informe a PASSPHRASE, confirme a PASSPHRASE

===============================================================================
Specify Passphrase
------------------

Enter the passphrase required to unlock the key that allows encryption and 
decryption of configuration files.


ENTER THE PASSPHRASE: 

===============================================================================
Confirm Passphrase
------------------


CONFIRM THE PASSPHRASE: 

Informe a senha do admin, confirme a senha

===============================================================================
Specify Password
----------------

Enter the password required for admin to login



ENTER THE PASSWORD: 

===============================================================================
Confirm Password
----------------


CONFIRM THE PASSWORD: 

Pressione ENTER para aceitar a porta default

===============================================================================
Specify Web Server Port
-----------------------

Enter the port number the SSP web server will use to listen for requests from
its web-based interface.

The same port number will be entered in the address bar of the interface to
connect it to the server.

ENTER PORT NUMBER, OR PRESS <ENTER> TO ACCEPT DEFAULT (Default: 8443): 

Pressione ENTER

===============================================================================
Pre-Installation Summary
------------------------

Please Review the Following Before Continuing:

Product Name:
    IBM Secure Proxy Configuration Manager 6.0.1.1

Install Folder:
    /home/sspcmuser/IBM/SSPcm

Disk Space Information (for Installation Target): 
    Required:     352,634,245 Bytes
    Available: 40,671,293,440 Bytes

PRESS <ENTER> TO CONTINUE: 


===============================================================================
Installing...
-------------

 [==================|==================|==================|==================]
 [------------------|------------------|------------------|------------------]

Configuração dos certificados

O instalador do SSPcm irá solicitar os certificados gerados na instalação do SSP. Pressione 1

===============================================================================
Select Default Key Certificate
------------------------------

Before you can begin production, you must import/generate a secure 
certificate. The default configuration uses a single key to secure the 
connection between the engine and CM.

    1- Import Key Certificate
    2- Generate Key Certificate

ENTER THE NUMBER OF THE DESIRED CHOICE: 1


Informe o arquivo dos certificados

===============================================================================
Location for the Self Signed Key Certificate
----------------------------------------------

You must provide Key Cert Location for the Self Signed Certificate

ENTER Key Cert Location, OR PRESS <ENTER> TO ACCEPT DEFAULT (Default:
   /home/sspuser/defKeyCert.txt): /home/sspuser/defKeyCert.txt

Informe a senha para acessar os certificados

===============================================================================
Password used for Key Cert export
----------------------------------------------

You must provide Password for KeyCert export

Enter the Password for KeyCert export: 

Pressione ENTER, para encerrar o instalador

===============================================================================
Installation Complete
---------------------

Congratulations. IBM Secure Proxy Configuration Manager 6.0.1.1 has been 
successfully installed to:

   /home/sspuser/IBM/SSPcm

PRESS <ENTER> TO EXIT THE INSTALLER: 

Veja os próximos passos abaixo

Ver também