How to Install the Server
Basic Requirements
- OpenSSL 0.9.7-beta3
- ACE+SSL 5.2
- Xerces XML Package (2.1 or higher)
Additional Requirements
- Linux: none
- FreeBSD: Gzip-1.3.3
- Solaris: Solaris 9 with Supplemental Software installed
Xerces Setup
The SRLM application uses Xerces for XML generation and parsing. The
package can be downloaded from the Xerces
webpage.
For installation instructions and other information regarding Xerces, please see
their webpage.
OpenSSL Setup
The SRLM application uses OpenSSL for encryption on both the server and the
client. For installation instructions and other information regarding OpenSSL,
please see their webpage.
If you have an older version of OpenSSH installed, you may need to upgrade to
at least OpenSSH version 3.5 first (www.openssh.org), as some older versions
perform a version check on the OpenSSL library and abort if they find a new
version of the library. When running ./config for OpenSSL, you probably want to
give it the shared argument.
ACE+SSL Setup
The SRLM application uses ACE+SSL for network communication on both the server
and the client. For installation instructions and other information regarding
ACE+SSL, please see their
webpage.
Install OpenSSL first so that the ACE+SSL library doesn't compile with an old
version of OpenSSL. For installation instructions, see the
webpage, as it is much more detailed than the included documentation. It
will tell you to make two symbolic links, to define two environment variables,
and to run make. Instead of make, you need to run make ssl=1.
Initial Setup
To install the SRLM Server, download the latest version of the code. Then untar
the file by going to the directory where you downloaded it and typing:
[prompt]# tar -zxpvf <filename>
The file will expand into an srlmServer-1.0 directory.
Install The Server
- Either copy the untarred code from a disk onto the server hard drive or
  download the code directly onto the server.
- Set up the server
  - AutoConfig Setup (Recommended)
    - cd to the directory containing the untarred code.
      [prompt]# cd srlmServer-1.0/
    - Run the configure script.
      [prompt]# ./configure
    - Compile the server.
      [prompt]# make all
    - Run the serverBuild script.
      [prompt]# ./serverBuild
      This script will generate a set of keys for the Server and Root Certificate Authority, and it
      will notify you of the directory in which to put the logrotate configuration files for each client.
      The directories will be printed to standard output, where you can record them for later use. When
      the key is generated for the root, you will be prompted for a password. Don't forget this password.
      When the key is generated for the server, you will again be prompted for a password. To keep things
      simple, use "server". You must also give the server a Common Name when prompted, and this must
      be the IP address of the machine the Server is on. All other fields can be left blank.
    - If you used a password other than "server", you need to edit your config.xml
      file to reflect this in the line labeled CertPassword.
    - Run the addClient script with the IP address of each client as the command line
      arguments.
      [prompt]# ./addClient X.X.X.X X.X.X.X ... X.X.X.X
    - Keys will be generated for each client, and must be copied into /usr/local/srlm/keys/CA
      on the client machine. The files to be copied are stored in srlmServer-1.0/CA/X.X.X.Xkeys/,
      where X.X.X.X is the IP address of the client the keys were created for. A password must be created for
      each client key. As with the server, if you choose a password other than "server", you will need
      to later edit the line of clientConfig.xml on the client's machine to reflect the chosen
      password. You will also be prompted for a Common Name. This needs to be the IP address of the client
      you are creating the keys for. All other fields can be left blank. At the end of each key generation,
      you must sign it with the root's password, which you created when running serverBuild.
    - For each Client:
      - Copy the contents of each client's logrotate configuration file (obtained in the client setup)
        onto the Server. The files should be placed in /usr/local/srlm/LogRotate, and the filename should
        be in the format of X.X.X.X.lrc, where X.X.X.X is the specific IP of the client. (See
        the comments in serverBuild to customize.)
      - Copy the contents of each client's key data (obtained in the client setup) onto the server.
        The files should be placed in /usr/local/srlm/keys/client, and the filename should be in the
        format of X.X.X.X.key, where X.X.X.X is the specific IP of the client. (See the comments in
        serverBuild to customize.)
  - Manual Configuration (Not recommended)
    - Steps for manual installation are included in the comments of the serverBuild script (a csh
      comment is signified by a '#'). Do not run the scripts. Simply open them
      with a text editor and view the comment blocks.
- Start the server components (must be done after each restart or system shutdown):
  [prompt]# cd srlmServer-1.0
  [prompt]# ./serverStart
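A pre-flight check for the per-client files described in the steps above, as an added example that is not part of the SRLM distribution: it confirms that each client's X.X.X.X.lrc and X.X.X.X.key are present and non-empty in the directories this page names, and flags key files readable by group or others. The function names and the SRLM_LRC_DIR / SRLM_KEY_DIR override variables are assumptions, and the permission test is an added hardening check rather than a documented SRLM requirement.

```shell
# Added example, not part of SRLM. Defaults are the directories named in this
# how-to; the override variables are hypothetical (serverBuild can customize paths).
SRLM_LRC_DIR="${SRLM_LRC_DIR:-/usr/local/srlm/LogRotate}"
SRLM_KEY_DIR="${SRLM_KEY_DIR:-/usr/local/srlm/keys/client}"

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# check_client IP: print one line per problem, return the number of problems.
check_client() {
    ip=$1; problems=0
    is_ipv4 "$ip" || { echo "$ip: not a dotted-quad IPv4 address"; return 1; }
    for f in "$SRLM_LRC_DIR/$ip.lrc" "$SRLM_KEY_DIR/$ip.key"; do
        if [ ! -f "$f" ]; then
            echo "$ip: missing $f"; problems=$((problems + 1))
        elif [ ! -s "$f" ]; then
            echo "$ip: empty $f"; problems=$((problems + 1))
        fi
    done
    # Added hardening check: key-pair files should not be group/world readable.
    key="$SRLM_KEY_DIR/$ip.key"
    if [ -f "$key" ] && [ -n "$(find "$key" \( -perm -040 -o -perm -004 \))" ]; then
        echo "$ip: $key is readable by group or others"; problems=$((problems + 1))
    fi
    return "$problems"
}

# check_clients IP...: return 0 only if every listed client is clean.
check_clients() {
    failed=0
    for c in "$@"; do
        check_client "$c" || failed=1
    done
    return "$failed"
}

[ "$#" -eq 0 ] || check_clients "$@"   # stand-alone use: pass the client IPs as arguments
```

Run it with the same IP list given to addClient before starting the server; a non-zero exit status means at least one client is missing a file or has a loosely protected key file.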
Adding Additional Systems to The Server
- Follow the steps in "Client Setup" on the new client to obtain the key pair and logrotate configuration file.
- Copy the key-pair file and logrotate configuration file to the same server directories as you
  did for the server install.
- Run the addClient script with the IP address of the new client.
  [prompt]# ./addClient X.X.X.X
- Copy the key files generated during the configuration from srlmServer-1.0/CA/X.X.X.Xkeys/,
  where X.X.X.X is the IP address of the new client, to the directory /usr/local/srlm/CA/ on the
  client machine.
- Start the server using serverStart if you have not already done so.
- Follow the Finalize Client Side directions on the Client Installation Howto.
See Project Contacts for further assistance.