CA RiskMinder UNIX Installation Guide › Deploying RiskMinder on a Distributed System › Performing Post-Installation Tasks on the First System › Bootstrapping the System › Performing Bootstrapping Tasks

Performing Bootstrapping Tasks

When you first log in to Administration Console as the Master Administrator (MA), the Summary screen for the Bootstrap wizard screen appears.

To bootstrap the system by using the wizard:

1. Click Begin to start the process.

   The Change Password screen appears.

2. Specify the Current Password, New Password, Confirm Password, and click Next.

   The Configure Global Key Label screen appears.

3. On the Configure a Global Key Label page:
   • Specify the Global Key Label.

     RiskMinder enables you to use hardware- or software-based encryption of your sensitive data. You can enable hardware-based encryption by using the arcotcommon.ini file. Software-based encryption is enabled by default. Regardless of whether you select hardware- or software-based encryption, all Advanced Authentication products use Global Key Label for encrypting user and organization data.

     If you select hardware-based encryption, then this label serves only as a reference (or pointer) to the actual 3DES key stored in the HSM device, and therefore must match the HSM key label. In the case of software-based encryption, this label acts as the key.

     Caution: After you complete the bootstrapping process, you cannot update this key label.

   • Specify the Storage Type to indicate whether the encryption key is stored in the database (Software) or the HSM (Hardware).
4. Click Next to continue.

   The Configure Default Organization screen appears.

5. Under the Default Organization Configuration section, specify the following parameters for the Default Organization:
   • Display Name: The descriptive name of the organization. This name appears on all other Administration Console pages and reports.
   • Administrator Authentication Mechanism: The mechanism that is used to authenticate administrators who belong to the Default Organization. Administration Console supports three types of authentication methods for the administrators to log in:
     • LDAP User Password

       If you select this option, then the administrators are authenticated by using their credentials that are stored in the directory service.

       Note: If this mechanism is used for authenticating administrators, then deploy UDS by performing the procedure that is described in Deploying User Data Service (UDS).

     • Basic

       If you select this option, then the built-in authentication method that is provided by Administration Console is used for authenticating the administrators.

     • WebFort Password

       If you select this option, then the credentials are issued and authenticated by the AuthMinder Server. To use this feature, install the CA AuthMinder Server.

   Book: See the CA AuthMinder Installation and Deployment Guide for more information about installing and configuring AuthMinder.

6. Under the Key Label Configuration section of the Configure Default Organization screen, specify the following values:
   • Use Global Key: This option is selected by default. Deselect this option if you want to override the Global Key Label you specified in the preceding step and specify a new label for encryption.
   • Key Label: If you deselected the Use Global Key option, then specify the new key label that you want to use for the Default Organization.
   • Storage Type: This field indicates whether the encryption key is stored in the database (Software) or the HSM (Hardware).
7. Click Finish to complete the bootstrapping process.

   The Administration Console initialization is completed, as indicated in the Finish screen.

8. Click Continue to proceed with other configurations by using Administration Console.