INSTALL.PKG - Installation and Configuration Instructions 14 Apr 2002 for the IAgent system on Solaris 7 & 8 SPARC hardware The IAgent system is delivered as a gzipped tar file containing: A Solaris Package tar file - LWCiagent*.tar This INSTALL file - INSTALL.PKG A License file - License.txt A Support file - SUPPORT.txt and a Readme file - README.txt INSTALLATION INSTRUCTIONS All files should be extracted into the /tmp directory, with something like: (cd /tmp; gzip -dc /full/path/to/tar/file/whatever.tar.gz | tar xvf - ) The Solaris package may be unpacked and installed with the following commands (you should be root when installing the package): cd /tmp tar xvf LWCiagent*.tar pkgadd -d . LWCiagent This will install the IAgent system in /opt/IAgent and build the necessary directories and files. At this point you may delete any IAgent files in /tmp (these usually get removed upon reboot). CONFIGURATION INSTRUCTIONS IAgent configuration consists of 5 steps: 1. Requesting and installing the license file. 2. Create the IAgent configuration file. 3. Create the Trading Partners configuration file. 4. Install local certificates and keys. 5. Install local Certificate Authority certificates. 1. Requesting and installing the license file. A specific license data file (usually license.dat) will be required to run the IAgent system. This license file will be supplied by Lymeware if the following information is supplied: Customer Name: Target Machine IP Address: Target Machine Host ID: (run the hostid command to display) Contact Person: Contact Phone Number: Contact E-Mail Address: The license file will be delivered to the Contact E-Mail Address. The license file must be installed at /opt/iagent and should be owned by root. 2. Create the IAgent configuration file. The IAgent configuration file (iagent.conf by default) defines: all local certificates and keys, inbound and outbound interfaces, IA Server ports, The Mode to run IAgent in (Server only, Client only, or Full), Trading Partner file name and location, and other useful switches. There are sample configuration files in the examples subdirectory in the distribution. It is suggest you read them carefully so you can see how the options go together in practice. See the Users Guide for all the options. 3. Create the Trading Partners configuration file. The Trading Partner configuration file (tpartners.conf by default) defines for each Trading Partner: Trading Partner ID, Local Trading Partner ID (as in ISA05 or ISA06), Remote Trading Partner ID (as in ISA05 or ISA06), Trading Partner's server IP address, Trading Partner's standard port, Trading Partner's hi priority port, Trading Partner's SSL session timeout, Trading Partner's IA message type, Trading Partner's IA receipt type, and the status of the Trading Partner server. There are sample configuration files in the examples subdirectory in the distribution. It is suggest you read them carefully so you can see how the options go together in practice. See the Users Guide for descriptions of all the options. The simplest useful configuration file would consist of a single Trading Partner entry. 4. Install local certificates and keys. At a minimum, a single X.509 certificate and private key pair is required to operate the IAgent system. The signing CA Certificate will also be required. A directory (client_certs) is provided to store all your local X.509 certificates. It is assumed that all certificates will contain the Trading Partner ID as the Common Name and be in PEM (or base-64) format. A directory (client_keys) is provided to store all your local private RSA keys. It is assumed that all private keys will be in PEM (or base-64) format. 5. Install local Certificate Authority certificates. A directory (ca_certs) is provided to store all CA X.509 certificates. Typically any CA certificate used by any of your Trading Partners should be stored here. It is assumed that all certificates will be in PEM (or base-64) format. STARTING THE IAGENT SYSTEM You must choose to start IAgent either as a system daemon (at boot) or from the command line. Don't try to do both! Either you can put in /etc/rc3.d and have it started on system boot, or you can start it as from the command line. See the User's Guide for details on the command line options. It is suggested that you start IAgent from the command line to test your configuration and configuration files. When this has been successfully completed, run the following to start IAgent as a system deamon: su root -c "/etc/rc3.d/S99iagent start" At this point IAgent may be monitored by watching all of the following files: iagent.log, iagent.err, client_trans.log, receipt_trans.log, server_trans.log, hipri_trans.log If you have any problems with the installation or configuration see SUPPORT.txt for support options. This document is Copyright (C) 1999-2002 Lymeware Corporation, All Rights Reserved.