Installing on the First System

CA RiskMinder UNIX Installation Guide › Deploying RiskMinder on a Distributed System › Installing on the First System

Installing on the First System

In a distributed scenario, you typically install RiskMinder Server on the first system. Custom installation allows you to install only the selected components from the package. This option is recommended for advanced users.

Note: Before you begin the installation, ensure that all prerequisite software components are installed and the database is set up, as described in chapter, "Preparing for Installation".

Follow these steps:

Log in and navigate to the directory where you untarred the installer.
Ensure that you have the permissions required to run the installer. If not, run the following command:
- On Solaris: chmod a=rx Arcot-RiskFort-3.1-Solaris-Installer.bin
- On Linux: chmod a=rx Arcot-RiskFort-3.1-Linux-Installer.bin
Run the installer by typing the following command and then pressing Enter:
- For Solaris:
  prompt> sh Arcot-RiskFort-3.1-Solaris-Installer.bin
- For Linux:
  prompt> sh Arcot-RiskFort-3.1-Linux-Installer.bin
Note: If you are running the installer with root login, then a warning message appears. Enter Y to continue, or enter N to quit the installation. If you exit the installer screen, then run the installer again.

The Welcome screen appears.
Press Enter to continue with the installation.
The License Agreement screen appears.
On the License Agreement screen:
1. Carefully read the text and press Enter to display the next screen of the license text. You may have to press Enter multiple times, until the entire text for License Agreement is displayed.
  At the end of the license agreement, you will be prompted for acceptance of the terms of license agreement (DO YOU ACCEPT THE TERMS OF LICENSE AGREEMENT?).
2. Enter y to accept the acceptance of License Agreement and to continue with the installation.
Note: If you press n, then a warning message is displayed and the installation is aborted.

The Choose Installation Location screen appears.
As directed on the screen, you can perform one of the following steps:
- Specify the absolute path of the directory where you want to install RiskMinder and press Enter to continue.
  Note: The installation directory name that you specify must not contain any spaces. Otherwise, some RiskMinder scripts and tools may not function as intended.
- Press Enter to accept the default directory that is displayed by the installer.
The installer displays the installation options that are supported by RiskMinder.
(Applicable only if you are installing on a system that already has an existing Advanced Authentication product installed) The installer displays the following options:
- 1 - Enter a new path.
- 2 - Use the location at which the existing Advanced Authentication product is installed.
(Applicable only if you are installing on a system that already has an existing Advanced Authentication product installed) Select the required option and press Enter to continue with the installation.
Note: If you selected option 1 or 2, then a new directory named arcot is created in the specified location.

The Installation Type screen appears. This screen displays the installation types (Complete and Customize) supported by RiskMinder.
Type 2 and press Enter to accept the Customize installation option and to continue with the installation.
The Choose Product Features screen appears. This screen enables you to select the specific components that you want to install on the system.
Specify a comma-separated list (without any space between the comma and the number) of numbers representing the RiskMinder components you want to install and press Enter to continue.
The following table describes all the components that are installed by the RiskMinder installer.

Option	Component	Description
1	Arcot Risk Evaluation Server	This option installs the core Processing engine (RiskMinder Server) that serves the following requests from Administration Console: Risk Evaluation User Management Configuration In addition, this component also installs the following Web services that have been built into the server: Risk Evaluation Web Service - Provides the web-based programming interface for risk evaluation with RiskMinder Server. Administration Web Service - Provides the web-based programming interface used by the RiskMinder Administration Console.
2	Arcot Case Management Queuing Server	This option installs the core Queuing engine (Case Management Queuing Server) that allocates cases to the Customer Support Representatives (CSRs) who work on these cases. Note: At any given point in time, all instances of Administration Console can only connect to this single instance of the Case Management Queuing Server.
3	Arcot RiskFort SDKs and Sample Application	This option provides programming interfaces (in form of APIs and Web services) that can be invoked by your application to forward risk evaluation requests to RiskMinder Server. This package comprises the following sub-components: Risk Evaluation SDK - Provides the Java programming interface for risk evaluation with RiskMinder Server. Sample Application - Demonstrates the usage of RiskMinder Java APIs. In addition, it can also be used to verify if RiskMinder was installed successfully, and if it is able to perform risk evaluation requests. Refer to chapter, "Configuring RiskMinder SDKs and Web Services" for more information about configuring these components.
4	Arcot Administration Console	This option provides the Web-based interface for managing RiskMinder Server and risk evaluation-related configurations.
5	Arcot User Data Service	This option installs UDS that acts as an abstraction layer for accessing different types of user repositories, such as relational databases (RDBMSs) and directory servers (LDAPs.)

For example, to install RiskMinder Server, Case Management Queuing Server, and Administration Console (without the SDKs and Sample Application) on the current system, you specify:

1,2,4,5

Note: If the Server component was not selected for installation on this screen, then the screens in Step 11 through Step 16 are not shown.

The Database Type screen appears. This screen lists the database types that are supported by RiskMinder.

Note: If you are installing in a location where an Advanced Authentication product is already installed, then the installer uses the same database configuration as the installed product. As a result, the screens in Step 11 through Step 15 are not shown.

Specify the number corresponding to your choice of database, and press Enter to continue:
- 1 - Microsoft SQL Server
- 2 - Oracle Database
- 3 - MySQL
The Primary Database Access Configuration screen appears.
On the Primary Database Access Configuration screen:
- Specify the information that is listed in the following table if you specified 1 (SQL Server) in the preceding step.

Parameter	Description
Primary ODBC DSN	The installer creates the DSN by using this value. RiskMinder Server uses then this DSN to connect to the RiskMinder database. The recommended value to enter is arcotdsn. Note: Database Source Name (DSN) specifies the information that is required to connect to a database by using an ODBC driver. This information includes database name, directory, database driver, User ID, and password.
User Name	The database user name for RiskMinder to access the database. This name is specified by the database administrator. (MS SQL Server, typically, refers to this as login.) Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by RiskMinder to access the database. This password is specified by the database administrator.
Server Name	The host name or IP address of the RiskMinder datastore. Default Instance Syntax: <server_name> Example: demodatabase
Database	The name of the MS SQL database instance.

Specify the information that is listed in the following table if you specified 2 (Oracle) in the preceding step.

Parameter	Description
Primary ODBC DSN	The installer creates the DSN by using this value. RiskMinder Server uses then this DSN to connect to the RiskMinder database. The recommended value to enter is arcotdsn. Note: Database Source Name (DSN) specifies the information that is required to connect to a database by using an ODBC driver. This information includes database name, directory, database driver, User ID, and password.
User Name	The database user name for RiskMinder to access the database. This name is specified by the database administrator. Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by RiskMinder to access the database. This password is specified by the database administrator.
Service ID	The Oracle System Identifier (SID) that refers to the instance of the Oracle database running on the server.
Port No	The port at which the database listens to the incoming requests. Note: Press Enter, if you want to accept the default port.
Host Name	The host name or IP address of the RiskMinder datastore. Syntax: <server_name> Example: demodatabase

Specify the information that is listed in the following table if you specified 3 (MySQL) in the preceding step.

Parameter	Description
Primary ODBC DSN	The installer creates the DSN by using this value. RiskMinder Server uses then this DSN to connect to the RiskMinder database. The recommended value to enter is arcotdsn. Note: Database Source Name (DSN) specifies the information that is required to connect to a database by using an ODBC driver. This information includes database name, directory, database driver, User ID, and password.
User Name	The database user name for RiskMinder to access the database. This name is specified by the database administrator. Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by RiskMinder to access the database. This password is specified by the database administrator.
Server Name	The host name or IP address of the RiskMinder datastore. Default Instance Syntax: <server_name> Example: demodatabase Named Instance Syntax: <server_name>\<instance_name> Example: demodatabase\instance1
Database	The name of the MySQL database instance.

The screen to configure backup database access appears.

On the backup database access configuration screen, perform one of the following steps:
- Type N to skip the configuration of the secondary DSN, when prompted, and press Enter to continue to the next screen.
- Type Y to configure the secondary DSN, when prompted, and press Enter to continue.
  See the tables in the previous step for database-specific information about the tasks to be performed.
Press Enter to continue.
The Encryption Configuration screen appears. Use this screen to select the encryption mode and configure the information that is used for encryption.
Specify the following information and press Enter to continue:

Field Name	Description
Master Key	Specify the password for the Master Key, which is stored at <install_location>/arcot/conf/securestore.enc and will be used to encrypt the data stored in the database. By default, this value is set to MasterKey. Note: If you want to change the value of Master Key after the installation, then regenerate securestore.enc with a new Master Key value. See appendix, "Changing Hardware Security Module Information After the Installation" for more information.
Do you want to configure HSM Module?	Enter y if you want to use a Hardware Security Module (HSM) to encrypt the sensitive data or enter n to use the software encryption. If you do not select this option, then, by default, the data is encrypted by using the Software Mode.
Choose Hardware Module	Choose one of the following HSMs that you plan to use: 1 - Luna HSM 2 - nCipher netHSM
HSM PIN	Enter the password to connect to the HSM.
Note: The HSM parameter values are recorded in arcotcommon.ini at <install_location>/arcot/conf. To change these values after installation, edit this file by following the instructions given in appendix, "Configuration Files and Options".	Set the following HSM information: Shared Library: The absolute path to the PKCS#11 shared library corresponding to the HSM. For Luna (libCryptoki2.so) and for nCipher netHSM (libcknfast.so), specify the absolute path and name of the file. Storage Slot Number: The HSM slot where the 3DES keys used for encrypting the data are available. The default value for Luna is 0, and for nCipher netHSM the default value is 1. The Pre-Installation Summary screen appears. This screen lists the product details, installation directory, type of installation, and components that are to be installed.

Carefully review the product details displayed and press Enter to proceed with the installation. If you would like to change a configuration on any of the previous screens, type back until you reach the screen, make the required changes, and press Enter to proceed to the next screen.
The Installing screen appears. This may take several minutes, because the installer now:
- Copies all the components and their related binaries in the installation directory.
- Stores database settings in the arcotcommon.ini file and the password in the securestore.enc file.
- Writes to the required INI files.
- Sets the environment variables such as, JNI_LIBRARY_PATH for Administration Console and ODBC_HOME, ODBCINI, ORACLE_HOME, and ORACLE_LIB_PATH in the arrfenv file.
- Creates or overwrites, as specified in a previous screen, the Primary DSN and Backup DSN (if selected and configured) by using the selected ODBC driver in the odbc.ini file.
After the preceding tasks are completed successfully, the Installation Complete screen appears.
Press Enter to exit the installer.
You may have to wait for a few minutes (for the installer to clean up temporary files) until the prompt re-appears.
Check the installation log file (Arcot_RiskFort_Install_<timestamp>.log), which is available in the <install_location>/arcot/ directory.
Ensure that UTF-8 support is enabled:
1. Navigate to the <install_location>/arcot/odbc32v70wf/odbc.ini file.
2. Locate the [ODBC] section.
3. Ensure that the IANAAppCodePage=106 entry is present in the section.
4. If you do not find this entry, then add it.
5. Save and close the file.

Note: After the installation is completed, perform the post-installation tasks that are discussed in "Performing Post-Installation Tasks on the First System".

Installation Logs

After installation, you can access the installation log file (Arcot_RiskFort_Install_<timestamp>.log) in the <install_location> directory. For example, if you had specified the /opt directory as the installation directory, then the installation log file is created in the /opt directory.

If the installation fails for some reason, then error messages are recorded in this log file.