Installation
Follow these recommendations to secure TIBCO MFT Command Center at installation.
Installation User on UNIX
Install as a non-root, unprivileged user. If you want to use ports below 1025, use the UNIX iptables command to redirect these ports to ports 8443 and 8080. See Network for more details on redirecting ports.
Provide only the necessary rights to update the MFT_Install directory and any directories where *LOCAL data will be saved.
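As an added example (not part of the TIBCO documentation or product), the following shell function audits an install tree against the two recommendations above: every entry is owned by the unprivileged install account, and nothing is writable by other users. The function name, the finding labels, and the directory and account passed to it are assumptions; the same function can be run on the directories that hold *LOCAL data.

```shell
#!/bin/sh
# Added example, not TIBCO tooling.
# Usage: audit_install_dir <install_dir> <install_account_name_or_uid>
# Prints one finding per line.
# Returns 0 if the tree is clean, 1 if there are findings, 2 on bad input.
audit_install_dir() {
    dir=$1
    owner=$2
    if [ ! -d "$dir" ] || [ -z "$owner" ]; then
        echo "usage: audit_install_dir <dir> <owner>" >&2
        return 2
    fi

    # Entries writable by "others". Symbolic links always report mode 777,
    # so they are skipped to avoid false positives.
    ww=$(find "$dir" ! -type l -perm -0002 \
            -exec echo WORLD-WRITABLE {} \;) || return 2

    # Entries owned by anyone except the install account. This also catches
    # files left behind by an earlier installation performed as root.
    wo=$(find "$dir" ! -user "$owner" \
            -exec echo WRONG-OWNER {} \;) || return 2

    # Merge both result sets and drop the empty lines of a clean pass.
    findings=$(printf '%s\n%s\n' "$ww" "$wo" | sed '/^$/d')
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Source the file and call the function with the install directory and the install account; a non-zero return code means the tree needs its ownership or mode corrected.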
Installation User on Windows
Install as a normal user, that is, a non-administrator account. Normal users can use ports below 1024.
Provide only the necessary rights to update the MFT_Install directory and any directories where *LOCAL data will be saved.
Securing the JDBC connection
If possible, configure the JDBC driver to use SSL/TLS. Contact your database administrator for instructions on how to do this.
Using Secure Ciphers
During the installation process, you are prompted to use only secure ciphers. Keep the default value of secure ciphers. This ensures that only secure ciphers are accepted during SSL negotiation. This applies to HTTPS connections as well as FTPS and Platform Server SSL connections.
Admin Service
Do not install the MFT Admin service on computers located in the DMZ. Only install the MFT Admin service on computers in the internal network.
HTTPS Certificate
Purchase an HTTPS SSL certificate from a well-known certificate authority. The default certificate is self-signed, which causes browsers to warn users that the certificate is not trusted. When creating a keystore, use a strong password instead of the default password.