Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
tutorial:adm:czechidm_installation_win [2020/10/21 08:55] fiserp [Create CzechIdM configuration] |
tutorial:adm:czechidm_installation_win [2020/11/18 14:46] urbanl Guide upgrade to support postgres 12 and java open-jdk 11 - #2503 |
||
---|---|---|---|
Line 22: | Line 22: | ||
Use the pgAdmin or PSQL to test the database connection under the '' | Use the pgAdmin or PSQL to test the database connection under the '' | ||
==== JDBC driver installation ==== | ==== JDBC driver installation ==== | ||
- | Download the PostgreSQL JDBC driver from the [[https:// | + | Download the newest |
==== Configure environment properties. Select application profile ==== | ==== Configure environment properties. Select application profile ==== | ||
Run the **Monitor Tomcat** application from the Start menu. Configure following settings: | Run the **Monitor Tomcat** application from the Start menu. Configure following settings: | ||
- | * Add '' | + | * Add '' |
* Add '' | * Add '' | ||
- | |||
- | === Change Tomat logging properties === | ||
- | |||
- | In order to set-up log rotation we need stop logging to stdout and start logging to catalina.log . | ||
- | |||
- | Make these changes in file '' | ||
- | Comment out console handler. We don't want tomcat to log to stdout or stderr. | ||
- | < | ||
- | handlers = 1catalina.org.apache.juli.AsyncFileHandler, | ||
- | #handlers = java.util.logging.ConsoleHandler | ||
- | |||
- | .handlers = 1catalina.org.apache.juli.AsyncFileHandler | ||
- | #.handlers = java.util.logging.ConsoleHandler, | ||
- | |||
- | # | ||
- | # | ||
- | </ | ||
- | In 1catalina file handler change log level to " | ||
- | < | ||
- | # | ||
- | # | ||
- | 1catalina.org.apache.juli.AsyncFileHandler.level = INFO | ||
- | 1catalina.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/ | ||
- | 1catalina.org.apache.juli.AsyncFileHandler.prefix = tomcat | ||
- | 1catalina.org.apache.juli.AsyncFileHandler.rotatable = false | ||
- | 1catalina.org.apache.juli.AsyncFileHandler.suffix = .log | ||
- | </ | ||
- | |||
==== Create CzechIdM configuration folders ==== | ==== Create CzechIdM configuration folders ==== | ||
Line 77: | Line 49: | ||
openssl genrsa -out fakecert.key | openssl genrsa -out fakecert.key | ||
# if the following command fails, remove the parameter -subj and supply the values interactively | # if the following command fails, remove the parameter -subj and supply the values interactively | ||
- | openssl req -new -key fakecert.key -out fakecert.csr -subj "/C=CZ/ST=Czech Republic/L=Prague/O=BCV/CN=CzechIdM placeholder cert" | + | openssl req -new -key fakecert.key -out fakecert.csr -subj "//C=CZ\ST=Czech Republic\L=Prague\O=BCV\CN=CzechIdM placeholder cert" |
openssl x509 -req -in fakecert.csr -signkey fakecert.key -days 1 -sha256 -out fakecert.crt | openssl x509 -req -in fakecert.csr -signkey fakecert.key -days 1 -sha256 -out fakecert.crt | ||
keytool -importcert -file fakecert.crt -alias placeholder-cert -keystore truststore.jks | keytool -importcert -file fakecert.crt -alias placeholder-cert -keystore truststore.jks | ||
Line 95: | Line 67: | ||
Now we will create configuration files the CzechIdM will use. | Now we will create configuration files the CzechIdM will use. | ||
< | < | ||
- | * The **C: | + | * The **C: |
cd / | cd / | ||
# start the vim editor | # start the vim editor | ||
vim secret.key | vim secret.key | ||
# press " | # press " | ||
- | # type the 16 or 32 characters of the secret key | + | # type the 16 characters of the secret key |
# press ESC to switch to command mode | # press ESC to switch to command mode | ||
# type :wq | # type :wq | ||
# press ENTER | # press ENTER | ||
# now you should see that secret.key file has been created, check its contents | # now you should see that secret.key file has been created, check its contents | ||
- | # the file should be EXACTLY 17 or 33 BYTES LONG, 16 or 32 bytes for your key and the last byte " | + | # the file should be EXACTLY 17 BYTES LONG, 16 bytes for your key and the last byte " |
xxd -p secret.key | xxd -p secret.key | ||
... hex dump here ... text dump here ... | ... hex dump here ... text dump here ... | ||
Line 131: | Line 103: | ||
<include resource=" | <include resource=" | ||
< | < | ||
- | | + | |
+ | < | ||
+ | < | ||
+ | < | ||
+ | < | ||
+ | |||
+ | < | ||
+ | < | ||
+ | < | ||
+ | < | ||
+ | < | ||
+ | < | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | < | ||
+ | < | ||
+ | </ | ||
+ | |||
+ | | ||
+ | < | ||
+ | </ | ||
+ | | ||
<logger name=" | <logger name=" | ||
<logger name=" | <logger name=" | ||
<logger name=" | <logger name=" | ||
<logger name=" | <logger name=" | ||
- | < | + | |
- | < | + | |
- | < | + | |
- | | + | |
- | </ | + | |
- | </ | + | |
- | < | + | |
- | < | + | |
- | < | + | |
- | < | + | |
- | </ | + | |
- | </ | + | |
- | <root level=" | + | |
- | < | + | |
- | </ | + | |
</ | </ | ||
</ | </ |