INSTALL KEY: xxxxxx
Allaince Manager Partner name: xxxxxx
Partner ID: xxxxxx
Stage box knexasp0800:
The Database server: knexasp0400
Unix user alliance passwd: xxxxxx
Alliance manager ADMIN password: xxxxxx
Database Name: KNEX001S
Passwd: xxxxxx (For User alliance in oracle)
Prereqs:
From knexasp0700 get (ftp to new box in /usr/local/gnu/src/pkgs)
gcc-3.2-sol8-sparc-local, top-3.5beta9-sol8-sparc-64-local, and
tar-1.13.19-sol8-sparc-local from /usr/local/gnu/src/pkgs
pkgadd -d tar-1.13.19-sol8-sparc-local /usr/local/gnu
ln -s /usr/local/gnu/usr/local/bin/gtar gtar
pkgadd -d gcc-3.2-sol8-sparc-local /usr/local
pkgadd -d top-3.5beta9-sol8-sparc-64-local /usr/local
Installing apache:
1. ftp apachedist.tar from knexasp0700 /usr/local/extricity/distributions
to new box and abstact.
2. cd to apachedist/apache_1.3.12 on new box. Copy Do a make clean
(cleans up compiled source object files. This is needed to
ganentee clean install to new enviroment). Then modify
Makefile on perameters: conf_serveradmin = root@<new_box_name>.knleadlogistics.com
conf_servername = <new_box_name>.knleadlogistics.com
3. Do a make install (this will compile and install apache to /usr/local)
4. cp /usr/local/extricity/distributions/apachedist/apache_1.3.12/conf_knlltemplat
e.tar /usr/apache.
5. Procede to ssl key generation procedure below for keys before
proceding to step 6.
6. cd /usr/apache/conf and edit httpd.conf file. Perimeters to modify:
ServerName <new_box_name>.knleadlogistics.com (do this for
all instances of this permimeter)
SSLCertificateFile /usr/apache/conf/ssl.crt/<new_box_name>.knleadlogistics.com.crt.pem
SSLCertificateKeyFile /usr/apache/conf/ssl.key/<new_box_name>.knleadlogistics.com.key.pem
SSLPassPhraseDialog exec:/usr/apache/conf/SSLppd.sh (Make sure this shell script exists see below)
SSLppd.sh script:
#this script is for the password for the cert which is xxxxx
#!/bin/sh
echo 'xxxxx'
Save this in /usr/apache/conf directory chmod 700
6A. Set MaxClients 254
7. ln -s /etc/init.d/apache /etc/rc3.d/S50apache
8. start apache and test certs.
ApacheHelp for ssl key generation:
openssl
make install
/usr/local/ssl/bin
TEST CERTIFICATE
(hit return on questions from openssl unless specified)
RUN THIS ON knexasp0200 in /usr/apache/conf
Create key and request:
openssl req -new -keyout new.cert.key > new.cert.csr
Rm passphrase from key (optional):
openssl rsa -in privkey.pem -out new.cert.key
Convert request into signed cert:
openssl x509 -in new.cert.csr -out new.cert.cert \
-> PEM pass phase: xanx732 (refer to /usr/apache/conf/SSLppd.sh)
-> Common Name (CN): <hostname>.knleadlogistics.com
-> Email Address: admin@knleadlogistics.com
Do not need to do --> Rm passphrase from key (optional):
openssl rsa -in privkey.pem -out new.cert.key
Convert request into signed cert:
openssl x509 -in new.cert.csr -out new.cert.cert \
-req -signkey new.cert.key -days 900
cp new.cert.cert
/usr/apache/conf/ssl.crt/<new_box_name>.knleadlogistics.com.crt.pem
cp new.cert.key
/usr/apache/conf/ssl.key/<new_box_name>.knleadlogistics.com.key.pem
ftp these files to new box in /usr/apache/conf in ssl.crt & ssl.key
Restart apache to update new certs.
REAL CERTIFICATE (production systems only)
openssl req -new -nodes -keyout private.key -out public.csr
openssl rsa -in private.key -des3 -out secureprivate.key
chmod 400 secureprivate.key
rm private.key
Send in public.csr:
Get back server.crt
Convert PEM to DER
openssl x509 -outform der -in server.crt -out server.der
Look at cert:
openssl x509 -text -in <file>
INSTALL Oracle database and client drivers
Install JRE get it from /usr/local/extricity/distributions
cd /usr/local/extricity/Alliance/Alliance/External/solaris-sparc/
then backup jre to jre.org
su - alliance
untar -xvf jre1.3.1.04.tar
cp all files from lib/ext folder from jre.org to the new jre folder
cp -rp jre.org/lib/ext jre/lib/ext
/init.d/alliance stop
/init.d/alliance start
check AllianceServer.log in /partnerxx/logs to verify jre version
Install Extricity:
Install the alliance startup script in init.d folder and do ln -s
/etc/init.d/alliance S90alliance
In /usr/local/extricity do mkdir -p Alliance46/Alliance and do ln -s
Alliance46 Alliance
Steps for installing Extricity (Apache including ssl must be installed and tested successfully & After Oracle is Installed with clean
database. Do not attempt to restore database until
alliance is successfully installed and tested.)
CHECK FOR .profile for user Oracle and CLASSPATH
1. run scheme for oracle
2. cd /usr/local/extricity/distributions
3. export DISPLAY=who logged in now ip host
REMEMBER: su - alliance before below
4. ./setup
From Wizard:
1. Put in password for alliance admin account thru wizard field.
2. Select oracle
3. Database Name: KNEX001S
4. Passwd: xxxxxx (For User alliance in oracle)
5. Select apache
6. HTTP PORT 80, SSL Port 443
7. SMTP server: xxxxxx@xxxxxx.com
8. Alliance manager user name: xxxxxxx@xxxxxx.com
9. Configure Diagnostics monitoring:xxxxxx
SNMP (enable) 300 polling
Enable Alliance Manager SNMP and leave blank
10. Egnore LDAP
11. Select /usr/local/extricity/Alliance to install to
12. PREY
Check Install log for no errors at /usr/local/extricity/Alliance
folder
Create alliance log files: in /partnerxx/logs
folder
AllianceISServer.log
AllianceServer.log
Installing XMLChannel software:
1. In knexasp0700 in /usr/local/extricity/alliance_xml_pkgs directory login: ftp as alliance to new box.
2. cp xmlchannel.tar.Z to server box (new box) into distributions folder
and extract.
3. cd to xmlchannel folder and run ./setup as alliance
4. In the root path for extricity enter in /usr/local/extricity/Alliance
5. Enter in the partner ID and the installer should pick up all needed prereqs for the XMLChannel. If it failed check your extricity
path.
6. Take the defaults for the channel id. Check the install file in /usr/local/extricity/Alliance
7. restart extricity and really PREY that it works.
8. Check XMLChannel SSL test.
9. Backup all install logs for future evidance of success (When the blame game starts).
**********
For hays, madrid, and monkstown (inbound & outbound subdirectories are
under the partner name):
/extricity_data/external/3pl/dispatcher/nn/
For Emery (the outbound & inbound directories are under singapore_4100): /extricity_data/external/3pl/emery/nn/singapore_4100
For Dimerco (the outbound & inbound subdirectories are under dimerco-hk):
extricity_data/external/3pl/abecas/nn/dimerco-hk
Example for monkstown (inbound):
/extricity_data/external/3pl/dispatcher/nn/monkstown/inbound
files_tmp - ftp script buffer to move files comming from
3pl to the listen tray and archive folder.
invalid (Alliance)
listen (Alliance)
processed (Alliance)
pulled_files.20021219 (ftp recieve log and
backup of 3pl files recieved from 3pl)
testfiles (Void this was only used for
testing)
work (Alliance)
Example for Monkstown (outbound):
/extricity_data/external/3pl/dispatcher/nn/monkstown/outbound
archive (ftp script archive
after push ftp transfer to 3pl)
new (Alliance dumps files to here and ftp
scripts pushes them to 3pl)
tmp (Test folder need not check)
For ftp logs for pushes to 3pl are located in /extricity_data/ftpspool/log
and the log names would be in this format: <partner_name>.log.<date>