Tutorials

  2. Home
  4. Dokumente
  6. Tutorials
  8. 107. How to install Agent 3.0 for Linux ?

107. How to install Agent 3.0 for Linux ?

System Requirements

 

Approach

  • User/Admin has bought a valid SSL certificate from the trusted vendors of Salesforce.
    –  Outbound Messaging SSL CA Certificates
  • User/Admin has got the deployment package and transferred it to the deployment server.
  • User/Admin has exported the deployment package to the following directory.

/opt/skyvva-agent
If the above directory doesn’t exist already then create it using the following command.
mkdir –p /opt/skyvva-agent/{agent-db,logs}

  • Extract the deployment package using the following command.
    tar –xvzf Skyvva-Agent-Deployment-Package.tgz -C /opt/skyvva-agent/
[root@ip-172-20-63-98~]# tar -xvzf Skyvva-Agent-Deployment-Package.tgz -C/opt/skyvva-agent/

Deployment Procedure

1. Once we extract the deployment package to the above-mentioned directory, we should be able to find the following artifacts in the above directory.

  • Skyvva-Agent-3.0.0.jar
  • quartz.properties
  • skyvva_application.properties
  • startup.sh
  • stop-agent.sh
  • zulu14

2. Now once we have all the artifacts available and extracted in the deployment directory, we can update the configuration in the skyvva_application.properties file.

Note

User/Admins must only change the following mentioned attributes in the property file.
• server.port=9055
The above property will set the port on which the Skyvva Agent will listen.
• skyvva.h2.db.port=9056
The above property will set the port on which the Skyvva Agent Internal database web console
will be available.
• skyvva.agent.username=skyvva
• skyvva.agent.password=skyvva@12!

The above 2 properties will enable the basic authentication on the Skyvva Agent service.

3. After completing all the above steps, we can safely start the agent by executing the startup script.
• start-agent.sh

SSL Setup Procedure

There are two parts to setting up SSL.

  • The first part is where we enable SSL for the Agent instances so that all the services/endpoints exposed by SKYVVA Agent middleware can be access using SSL over http i.e. https protocol.
  • In the second part, we need to ensure that SKYVVA Agent middleware can access the Salesforce org using https. In order to do that we will have to trust the Salesforce SSL certificate by adding the Root CA certificate of Salesforce org to Agent’s trusted keystore.

Setup SSL for Agent Instance

Note
We need a valid SSL certificate in .p12 or .pfx format available to setup SSL for Agent Instance. Please check out the list of available trusted vendors (Outbound Messaging SSL CA Certificates) from which you can purchase an SSL certificate.

1. Copy the new valid SSL certificate to the deployment directory i.e. C:\skyvva-agent
2. Once we have copied the new SSL certificate to the deployment directory, we need to change the property file so that the Agent Instance can pick up the SSL certificate. Open the property file with the name skyvva_application.properties and look for the properties mentioned below.

# ==================================

# Agent SSL Properties

# ==================================


 


# Change this to true, if SSL has to be enabled

skyvva.h2.db.ssl.enabled=false


# Uncomment the following properties to enable SSL for Agent Services

#server.ssl.key-store-type=PKCS12

#server.ssl.key-store=/opt/skyvva-agent/ssl-certificate.p12

#server.ssl.key-store-password=Skyvva@12!

#server.ssl.key-alias=1

#security.require-ssl=true

3. As we can see above, all the properties except one have been commented out (which means starts with ‘#’). We will have to uncomment them i.e. remove ‘#’ from the starting of the lines. Once done it will look like as shown below.

# ==================================

# Agent SSL Properties

# ==================================


 


# Change this to true, if SSL has to be enabled

skyvva.h2.db.ssl.enabled=false


# Uncomment the following properties to enable SSL for Agent Services

server.ssl.key-store-type=PKCS12

server.ssl.key-store=/opt/skyvva-agent/ssl-certificate.p12

server.ssl.key-store-password=Skyvva@12!

server.ssl.key-alias=1

security.require-ssl=true

4. Now we will have to change only 4 properties to enable the SSL for SKYVVA Agent. Those 4 properties are as follows.

skyvva.h2.db.ssl.enabled=true

server.ssl.key-store=/opt/skyvva-agent/Add the name of the new SSL certificate file

server.ssl.key-store-password=SSL certificate store password

server.ssl.key-alias=Alias of the SSL certificate

Once we have replaced the highlighted values with the right possible values, we can restart the Agent Instance.

Setup SSL for Outbound Flow

In this section, we will see how to trust a Root CA certificate so that we can connect to any system like Salesforce, Kafka, SAP, etc using SSL through SKYVVA Agent middleware.

Normally all the standard CA certificates are already present in the Trust Store file used by the JDK(which is embedded inside the Agent Deployable Package), but in rare scenarios where it’s not available, we can import it as a trusted certificate.

Procedure

Note
Before we start the procedure, we need to download the other system or web site’s SSL certificate. To download any website’s certificate using the browser, please check the next section.

1. Go to the jdk directory inside the deployment directory using the following command.
cd /opt/skyvva-agent/zulu14/bin

2. Use the command described below to import the certificate file as a trusted certificate.

keytool.exe -importcert -alias certificate-alias-name -file path_to_downloaded-certificate-der-file -keystore /opt/skyvva-agent/zulu14/lib/security/cacerts -storepass changeit -trustcacerts

Make sure that you replace the highlighted parts with the actual values before executing the above command. Once done, restart the Agent Instance.

Procedure to Download on SSL certificate

Google Chrome 

Export the SSL certificate of a website using Google Chrome:
1.Click the Secure button (a padlock) in an address bar.

2. Click the Certificate(Valid).

3. Go to the Details tab

4.Click the Copy to File… button
5.Click the Next button.
6.Select the “Base-64 encoded X.509 (.CER)” format and click the Next button.

7.Specify the name of the file you want to save the SSL certificate to

8.Click the Next and the Finish button

Mozilla Firefox

Export the SSL certificate of a website using Mozilla Firefox:
1.Click the Site Identity button (a padlock) in an address bar.

2.Click the Show connection details arrow
3.Click the More Information button

4.Click the View Certificate button
5.Go to the Details tab

6.Click the Export button

7.Specify the name of the file you want to save the SSL certificate to, keep the “X.509 Certificate (PEM)
format and click the Save button

Internet Explorer

Download and save the SSL certificate of a website using Internet Explorer:
1.Click the Security report button (a padlock) in an address bar

2.Click the View Certificate button

3.Go to the Details tab
4.Click the Copy to File… button
5.Click the Next button
6.Select the “Base-64 encoded X.509 (.CER)” format and click the Next button
7.Specify the name of the file you want to save the SSL certificate to
8.Click the Next and the Finish buttons

Summary  The user learns how to install Agent 3.0 for Linux by bought a valid SSL certificate from the trusted vendors of Salesforce. Outbound Messaging SSL CA Certificates. Also, by got the deployment package and transferred it to the deployment server, and exported the deployment package directory.

Fandest du diesen Artikel hilfreich? Ja Nein

Wie können wir helfen?