Differences

This shows you the differences between two versions of the page.

--- 79:install [2023/06/22 07:31] – [Adjust Java Heap Space] mdht
+++ 79:install [2024/03/08 10:29] – [Configure SSL] Weinlein, Thomas
@@ Line 83: / Line 83: @@
 </code>
+  * Activate the configuration
+      * Windows Start Menu: Execute “Programs > Method Park > Stages > Update Configuration”
+  * Start Stages
+      * Windows: Start the services “Stages Search” and then “Stages”
 === Establish database connection with Oracle ===
@@ Line 291: / Line 295: @@
       * Open file "<Stages installation path>\stages\config.bat"
       * Modify the red colored setting: //set TOMCAT_OPTS=–JvmMx=
- <font inherit/inherit;;#e74c3c;;inherit><RAM in MB></font> //
+ <RAM in MB> //
       * //Open a cmd with administrative permissions and navigate to folder "<Stages installation path>\stages\bin"//
       * //Reinstall the Stages service: **reinstallService.bat** //
@@ Line 298: / Line 302: @@
       * //Open file "<Stages installation path>/stages/bin/rc.conf"//
       * //Modify the red colored value: //CONF_TOMCAT_OPTS="-Xmx
- <font inherit/inherit;;#e74c3c;;inherit><RAM in MB></font>  m -XX:+UseG1GC -XX-OmitStackTraceInFastThrow"
+ <RAM in MB>  m -XX:+UseG1GC -XX-OmitStackTraceInFastThrow"
   * Restart the Stages service: **stages restart**
@@ Line 338: / Line 342: @@
 ===== Configure SSL =====
-To encrypt all connections between the users and Stages, we strongly recommend to configure SSL for the Stages server. \ In addition to the following guidelines, a detailed guide on how to easily configure SSL with Stages can be found here : [[https://download.methodpark.de/stages/static/documentation/Stages_SSL_configuration_guide.pdf|Stages_SSL_configuration_guide.pdf]]
+Please refer to [[configure_stages#configuring-tlsssl-certificate|here]].
-  * Ask for a DNS alias for the server, e.g. "stages.company.com"
-  * Ask for a SSL certificate for the server which refers to the above alias. Depending on your local procedures, this might require creating a certificate request (see [[https://www.digicert.com/kb/csr-ssl-installation/tomcat-keytool.htm|https://www.digicert.com/kb/csr-ssl-installation/tomcat-keytool.htm]] for more info).
-  * Import the SSL certificate into a keystore (see link above for more info)
-  * Configure Tomcat to use this SSL certificate (see link above for more info). The relevant Tomcat config file is located in ''<Stages installation path>/stages/conf/server.xml''  and the SSL info needs to be configured for each ''<Connector>''  section. After updating the config file, run ''bin/update.sh''  or ''bin\update.bat''  to install it at the correct location.
-  * To enforce redirection from http to https add the following to ''conf/web-customer.xml'', run ''bin/update.sh''  or ''bin\update.bat''  and restart Stages service
-<code>
-<security-constraint>
-    <display-name>Enforce HTTPS</display-name>
-    <web-resource-collection>
-        <web-resource-name>stages-public</web-resource-name>
-    </web-resource-collection>
-    <user-data-constraint>
-        <description>Force SSL for all connections.</description>
-        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
-    </user-data-constraint>
-</security-constraint>
-</code>
 === Add CAs to your TrustStore ===
-For using reports in Stages, you need to add your companies root certificate and all Intermediate certificates (if existing) to the server Java truststore. The Java truststore includes all trusted root certificates. If a report tries to connect via SSL to your Stages server, it will be not executed correctly, because Java does not trust the SSL certificate. It was not issued by a Java trusted certificate authority - included in the Java truststore.
+Please refer to [[configure_stages#Use the system trust store|here]].
-  * Import your companies root certificate and all intermediate certificates (if existing) into this file: \\ <Java Development Kit Installation Directory>\jre\lib\security\cacerts
-(Linux directories may varify)
-  * Please restart Stages service after applying changes to the Java Trust Store
 ===== Accessing Stages =====
-''After successful installation process - Stages is accessible via web browser by URL [[https://localhost:8443|https://localhost:8443]] or [[http://localhost:8080|http://localhost:8080]] (depending on the SSL port) ''
+After successful installation process - Stages is accessible via web browser by URL [[https://stages.localhost|https://stages.localhost]]. As Stages is delivered with a self signed certificate your browser will warn you that the certificate is not trustworthy. For a first test you can instruct the browser to direct you to the website anyhow. After that please [[configure_stages#Configuring SSL Certificate|configure a trusted certificate]].
 ===== Change password of "root" user =====
-''Log in with the "root" user and the provided password. Click on the "Superuser" link in the bottom left corner of the navigation and change the password to a secure and unique one. ''
+Log in with the "root" user and the provided password. Click on the "Superuser" link in the bottom left corner of the navigation and change the password to a secure and unique one.
 ===== Prepare Stages for productive usage =====