

Deploy CA DataMinder Machines

To deploy CA DataMinder in Advanced Encryption Mode, first perform an administrative installation, to your network, of each server and client MSI package that you intend to deploy. The administrative installation extracts the contents of the original CA DataMinder Windows Installer packages to a network folder that you specify, in a format that can be patched to support Advanced Encryption mode.

By performing the administrative installation, you create the basic source images that you use to install CA DataMinder servers and client machines.

After you create your CA DataMinder source images, patch and customize them to deploy CA DataMinder in Advanced Encryption mode.

Finally, you can install CA DataMinder servers and client machines directly from the patched and customized source images.

  1. Create new administrative installation source images.

    To create the source images for your CA DataMinder servers and client machines, perform an administrative installation.

    Run the following commands to create administrative installation source images for CA DataMinder servers and client machines. These commands launch the installation wizard, which prompts for a target folder for the source images:

    msiexec /a <Path_source>\server.msi 
    
    msiexec /a <Path_source>\client.msi 
    
    msiexec /a <Path_source>\client_x64.msi 
    
    <Path_source>\server.msi

    Identifies the Windows Installer package for servers on your CA DataMinder distribution media.

    <Path_source>\client.msi

    Identifies the Windows Installer package for client machines on your CA DataMinder distribution media.

    <Path_source>\client_x64.msi

    Identifies the Windows Installer package for 64-bit client machines on your CA DataMinder distribution media.

  2. Customize the administrative installation source images.

    Customize the administrative installation source images so that they install the Key Store (and associated components) on all CA DataMinder servers and client machines. Run a script supplied with the CA DataMinder Advanced Encryption Mode Enhancement solution package.

    From a command prompt on your designated secure server, change to the \AdvancedEncryption folder and run the following commands:

    EnableAdvancedEncryption.vbs /package:<Path_admin>\server.msi /files:<path_keystore>
    
    EnableAdvancedEncryption.vbs /package:<Path_admin>\client.msi /files:<path_keystore>
    
    EnableAdvancedEncryption.vbs /package:<Path_admin>\client_x64.msi /files:<path_keystore>
    
    /package:<Path_admin>\server.msi

    Identifies the server source images that you created in step 1.

    /package:<Path_admin>\client.msi

    Identifies the client machine source images that you created in step 1.

    /package:<Path_admin>\client_x64.msi

    Identifies the 64-bit client machine source images that you created in step 1.

    /files:<path_keystore>

    Identifies the path to the folder containing the Key Store and Revocation List files (keystore.dat and revocation.properties). When you generated these files (see the previous section), they were saved in the \AdvancedEncryption\output subfolder on your secure server.

  3. Deploy your CA DataMinder servers and client machines.

    Important! Deploy your CMS before deploying the other servers and client machines!

    After you customize the administrative installation source images, you can deploy CA DataMinder servers and client machines using your preferred deployment methods. For example, use the following command syntax to deploy client machines as part of a managed deployment:

    msiexec /i <Path_admin>\client.msi WGNPARENTSERVERNAME=<Server>
    
    <Path_admin>\client.msi

    Identifies the client machine source image that you patched in step 2 and customized in step 3.

    WGNPARENTSERVERNAME=<Server>

    Identifies the parent gateway or the CMS.

    During the installation, the following critical files are installed: keystore.dat, revocation.properties, and wigan.java.security. As the final step in overall deployment, restrict access to these files.
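
One way to check the result of that final step, as an added example that is not part of the CA DataMinder documentation: the PowerShell script below locates the three files under an installation folder and lists any allow entries held by Everyone, Authenticated Users or the local Users group. The -InstallRoot parameter is a placeholder, because this page does not state where the files are installed, and the choice of groups to flag is an assumption.

```powershell
# Added example: audit who can access the Advanced Encryption files.
# $InstallRoot is a placeholder; this page does not give the install path.
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallRoot
)

# File names as listed on this page.
$criticalFiles = 'keystore.dat', 'revocation.properties', 'wigan.java.security'

# Well-known SIDs of broad groups (assumed audit targets, locale-independent).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

$findings = foreach ($name in $criticalFiles) {
    $found = @(Get-ChildItem -LiteralPath $InstallRoot -Filter $name -File -Recurse -ErrorAction SilentlyContinue)
    if ($found.Count -eq 0) {
        # A missing file is reported too: the installation may be incomplete.
        [pscustomobject]@{ File = $name; Identity = ''; Rights = ''; Inherited = ''; Issue = 'not found under InstallRoot' }
        continue
    }
    foreach ($file in $found) {
        $acl = Get-Acl -LiteralPath $file.FullName
        # Explicit and inherited rules, with identities returned as SIDs.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -eq 'Allow' -and $broadSids.ContainsKey($sid)) {
                [pscustomobject]@{
                    File      = $file.FullName
                    Identity  = $broadSids[$sid]
                    Rights    = $rule.FileSystemRights
                    Inherited = $rule.IsInherited
                    Issue     = 'broad group has access'
                }
            }
        }
    }
}

$findings | Format-Table -AutoSize
if ($findings) { exit 1 } else { Write-Output 'No broad-group access found on the critical files.' }
```

An entry marked Inherited comes from a parent folder, so the permission to change is on that folder rather than on the file itself.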