SSH.COM is one of the most trusted brands in cyber security. We help enterprises and agencies solve the security challenges of digital transformation with innovative access management solutions.
The initial configuration is done using the Tectia Manager's web-based configuration wizard.
Note that some settings (such as hostname) are not easy to change later, so be careful when defining the values.
For the configuration, you need the Management Server URL and DNS, and the licence files.
Connect to the Management Server's URL and port 80 with a web browser. For example:
The configuration wizard starts and guides you through the configuration phases described in the following steps.
Click Next to advance to a new page, click Previous to go back a page, or click Cancel to abort the configuration and return to the Welcome page.
Welcome: This page gives an introduction. Select the configuration type:
Express configuration: Select this option to go directly from license terms to generating keys (step 4), creating a superuser account, and defining a password for it (step 9).
Expert configuration: This option goes through the entire initial configuration as described below.
Upload the license file: Click Upload (except when upgrading the Management Server).
License terms: Read the terms and accept by clicking Next.
Host name: Enter the DNS (Domain Name Service) name that the administration interface web server should use (the hostname for the machine running the service). If the name does not match the host DNS name, you will get a hostname mismatch error in the TLS connections. By default, this is also the Management Server address for managed hosts.
Generating keys: Shows the progress of creating TLS keys and certificates. The TLS key creation may take up to 10 minutes on some Solaris machines.
After the keys have been generated and you click Next, the connection will start to use TLS protection, and your browser will ask you to accept the certificate of the Tectia Manager administration interface.
If you want to use a custom key and certificate for the TLS protection of the administration interface, see Using Custom Certificate for Administration Interface.
Server user account: Select the name
of the user account that the management system can use after it relieves
the root privileges (the account created in Preparing for Installation,
Management Database: Select whether to use an external database or not. If you choose not to use an external database, go to step 11.
(With an external database) Oracle configuration: You will see this page if you chose to use an external database. You are asked to give information about your Oracle installation:
TNS_ADMIN path. If you have an existing
Oracle client configuration with a
tnsnames.ora file, you
can specify the directory of the configuration file here. Otherwise
this can be left empty.
NLS_LANG environment variable value. If this
field is left empty, the variable is not set by the Management Server. See Oracle
documentation for more information about this variable.
Global Database Name of your selected Oracle
database. This is given in format
[//]host[:port][/service], where brackets indicate
optional components. In the Global Database Name,
the domain name of your Oracle server,
port is the port
number of the Oracle server listener (if not in the standard port
service is the service name of the Oracle
server (this does not need to be specified if this is the same as the
domain name). Also if the service name and port have been configured
tnsnames.ora, they do not need to be specified
Database username and password
Superuser account: Give a name and a password for the Management Server superuser login. This is the default superuser of the system. In case the password is later forgotten, the superuser account can be restored. For instructions, see Recreating Superusers.
Confirmation: Click Next to end the initial configuration.
(If applicable) Existing tables: In case your database contains old data from an earlier installation, the wizard will ask whether it should be deleted. Keep in mind that this will delete all previous information and cannot be undone. While making a new installation, you must delete the old data, or Tectia Manager will not function correctly.
Log out and restart Management Server to activate the new features.
Now you should be able to use the Management Server administration interface at:
If the login screen is not displayed automatically, wait for 10-15 seconds and click Reload of your browser.