SSH Tectia

Initial Configuration for Management Server

The initial configuration is done using the SSH Tectia Manager's web-based configuration wizard.

[Note]Note

Note that some settings (such as hostname) are not easy to change later, so be careful when defining the values.

  1. Connect to the Management Server's URL and port 80 with a web browser. For example:

    http://mgmtserver:80/

  2. The configuration wizard starts and guides you through the configuration phases described in the following steps.

    Click Next to advance to a new page, click Previous to go back a page, or click Cancel to abort the configuration and return to the Welcome page.

  3. Welcome: This page gives an introduction. Select the configuration type:

    • Express configuration: Select this option to go directly from license terms to generating keys (step 4), creating a superuser account, and defining a password for it (step 9).

    • Expert configuration: This option goes through the entire initial configuration as described below.

  4. Upload the license file: Click Upload (except when upgrading the Management Server).

  5. License terms: Read the terms and accept by clicking Next.

  6. Host name: Enter the DNS (Domain Name Service) name that the administration interface web server should use (the hostname for the machine running the service). If the name does not match the host DNS name, you will get a hostname mismatch error in the TLS connections. By default, this is also the Management Server address for managed hosts.

  7. Generating keys: Shows the progress of creating TLS keys and certificates. The TLS key creation may take up to 10 minutes on some Solaris machines.

    After the keys have been generated and you click Next, the connection will start to use TLS protection, and your browser will ask you to accept the certificate of the SSH Tectia Manager administration interface.

    If you want to use a custom key and certificate for the TLS protection of the administration interface, see Using Custom Certificate for Administration Interface.

  8. Server user account: Select the name of the user account that the management system can use after it relieves the root privileges (the account created in Preparing for Installation, by default sshmgmt).

  9. Management Database: Select whether to use an external database or not. If you choose not to use an external database, go to step 9.

  10. (With an external database) Oracle configuration: You will see this page if you chose to use an external database. You are asked to give information about your Oracle installation:

    • TNS_ADMIN path. If you have an existing Oracle client configuration with a tnsnames.ora file, you can specify the directory of the configuration file here. Otherwise this can be left empty.

    • NLS_LANG environment variable value. If this field is left empty, the variable is not set by the Management Server. See Oracle documentation for more information about this variable.

    • Global Database Name of your selected Oracle database. This is given in format [//]host[:port][/service], where brackets indicate optional components. In the Global Database Name, host is the domain name of your Oracle server, port is the port number of the Oracle server listener (if not in the standard port 1521), and service is the service name of the Oracle server (this does not need to be specified if this is the same as the domain name). Also if the service name and port have been configured in tnsnames.ora, they do not need to be specified here.

    • Database username and password

  11. Superuser account: Give a name and a password for the Management Server superuser login. This is the default superuser of the system. In case the password is later forgotten, the superuser account can be restored. For instructions, see Recreating Superusers.

  12. Confirmation: Click Next to end the initial configuration.

  13. (If applicable) Existing tables: In case your database contains old data from an earlier installation, the wizard will ask whether it should be deleted. Keep in mind that this will delete all previous information and cannot be undone. While making a new installation, you must delete the old data, or SSH Tectia Manager will not function correctly.

  14. Log out and restart Management Server to activate the new license features.

Now you should be able to use the Management Server administration interface at:

https://mgmtserver

If the login screen is not displayed automatically, wait for 10-15 seconds and press the Reload button of your browser.