Installing TIBCO MFT Command Center

After starting the automated installation, you must complete all installation steps to complete the installation.

1. This step extracts the distribution file named cfcc.jar.

   In this step, the application server is also be installed and configured, and the JAVA_HOME environment variable is detected.

   If you install TIBCO MFT Command Center on a Windows system, you will also be prompted to define whether to run the application server as a Windows service.

   Note: When you choose to install TIBCO MFT Command Center as a Windows service, if an TIBCO MFT Command Center Windows service already exists, the existing TIBCO MFT Command Center Windows service is stopped and a new Windows service is installed and started.

   Is the application server installed as a Windows service or do you want to run it as a Windows service? y/n/? [y]:
   Stopping service MFT Command Center ....................

   If you install TIBCO MFT Command Center on a UNIX system using IBM Java, you will see a prompt where you can choose to enable FIPS mode on the application server. After putting the server into FIPS mode, MFT will only use FIPS certified cryptographic modules when using SSL (HTTPS and FTPS), SFTP (SSH), and AS2. If you want to change your FIPS mode configurations at a later time, see Configuring FIPS 140-2 Manually for more details on configuring FIPS mode manually.

   Found distribution file c:\MFTCC\cfcc.jar
   Use C:\MFTCC\cfcc.jar as the distribution? y/n [y]:
   Extracting distribution file: C:\MFTCC\cfcc.jar
   ................................................................................
   Distribution extracted successfully!
   
   Is the application server installed as a Windows service or do you want to run it as a Windows service? y/n/? [y]:
   
   Installing application server to C:\MFTCC\server
   ..............................................................................................
   
   Using C:\MFTCC\server as path to the application server installation.
   C:\MFTCC\server\conf\Catalina\localhost

2. This step sets up the connection to the TIBCO MFT Command Center database that you created.
   In this example, Oracle is used as the database server.

   Note: If you use an MS SQL database that uses Windows authentication, you must add the domain parameter with the domain name to the end of the database URL. To do this, type n when prompted with the default statement, Use database URL:. You can enter a new database URL to use. Copy and paste the URL that is contained in the brackets, and then add a semicolon and the domain parameter at the end, for example, jdbc:jtds:sqlserver://10.1.2.182:1433/MFTCC;domain=DomainName, and then press Enter.

   Note: If you use a MySQL database, you may get the following exception when connecting to MySQL 8.

   Failed to establish a connection to the database: com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConntionException: Public Key Retrieval is not allowed-error-in-java/

   There are 3 possible workarounds for this issue (ranked most secure to least secure):

   1. Use a TLS connection from TIBCO MFT Command Center to MySQL.
   2. Change the default_authentication_plugin section to mysql_native_password.
   3. Add the following parameter to the database connection URL:

      &allowPublicKeyRetrieval=true.

      Note that allowPublicKeyRetrieval=true could allow a malicious proxy to perform a man in the middle attack to get the plaintext password, that is why it is false by default.

   Stopping the application server................................. [OK]
   A previous installation of the application server was found which is
   incompatible with
   this version.
   The current server will be upgraded. Please back up the current server directory
   before proc
   eeding.
   Do you wish to continue? y/n [y]
   Installing application server to /home/rkundu/MFT810/MFTCC810/server
   .................................................................................
   ........... ...
   Using /home/rkundu/MFT810/MFTCC810/server as path to the application server
   installation.
   /home/rkundu/MFT810/MFTCC810/server/conf/Catalina/localhost
   ****************************************************************
   Step 2 Verifying database connection
   Select database server type:
   Enter 1 for MSSQL
   Enter 2 for MySQL Enterprise Server or Community Server
   Enter 3 for Oracle
   Enter 4 for DB2
   Enter 5 for PostgreSQL
   : 5
   PostgreSQL selected as database server type.

3. This step installs the database and populate the database tables.

   Step 3  Configuring the database
   Executing database creation utility....
   cmd /E:1900 /c setupdb.bat "amRiYzpvcmFjbGU6dGhpbjpAMTkyLjE2OC43OC44OToxNTIxOm1mdDhz" oracle bWZ0cWE? ******** oracle.jdbc.driver.OracleDriver BASE64
   Allocating DBSetup object...
   Determining database version.... 
   Installing database...
   Updating database...
   Updating tables...
   …
   …
   Updating records...
   Done updating database.
   Successfully installed database: jdbc:oracle:thin://oracleserver:1521:cfcc
   Successfully populated DB tables with default information.
   adding URIEncoding attribute to http connector

   If you already have an TIBCO MFT Command Center database, you are prompted to back up the database that you are using, because the database is updated during the TIBCO MFT Command Center installation process.

   Step 3  Configuring the database
   Database will be modified for new features.  Please backup database before proceeding.
   Do you wish to continue? y/n [y]

4. This step configures TIBCO MFT Command Center for SSL communication.

   If you do not have a certificate, a self-signed certificate will be created during the installation process. You can either use a certificate issued by a certificate authority (CA) or use a self-signed certificate. During the installation process, you can choose the signature algorithm that will be used to sign the self-signed certificate; the highest strength is SHA512 with RSA and the lowest strength is SHA256.

   Note:

   Pay attention to the following points:

   • Self-signed certificates are only practical for testing purposes and allow you to get up and run quickly while you wait for an external CA to sign a certificate for you.
   • Assigning port numbers below 1024 (so-called low-numbered ports) can only be bound to by root on UNIX systems.

   Step 4  Evaluating the application server installation for HTTPS connectors
   Reading the application server configuration file: C:\MFTCC\server\conf\server
   xml
   Found no pre-existing HTTPS connectors!
   Do you have a pre-exisiting Java Keystore to be used as a server key for SSL co
   munication? y/n/? [n]:
   
   Creating keystore for SSL communication
   Enter the keystore path and filename..[C:\MFTCC\keystore\keystore.jks]:
   Directory C:\MFTCC\keystore does not exist! Create? y/n [y]:
   Enter the keystore password (at least 6 characters)..[changeit]:
    Enter the alias of your private key......................[cfcc]:
   Enter the DNS Name or IP Address of your server............:10.97.142.191
   Select the signature and key algorithms you wish to use........:
   1. SHA256 with RSA
   2. SHA384 with RSA
   3. SHA512 with RSA
   Please enter your selection. [1]: 
   Enter your Company Name..............................[Optional]:TIBCO
   Enter your Organizational Unit Name..................[Optional]:Web Debt
   Enter the City where your company is located.........[Optional]:Palo Alto
   Enter the State where your company is located........[Optional]:CA
   Enter the two-letter country code for this unit......[Optional]:US
   
   Keystore filename    : C:\MFTCC\keystore\keystore.jks
   Keystore password    : ********
   Key alias            : cfcc
   Server address       : 10.97.142.191
   Signature and key alg: SHA256withRSA
   Organization         : TIBCO
   Organizational Unit  : Web Debt
   Locality             : Palo Alto
   State                : CA
   Country              : US
   Create a keystore with the above information? y/n [y]:
   
   Creating keystore......
   C:\Program Files\Java\jdk1.8.0_40\bin\keytool -genkey -keystore C:\MFTCC\keys
   ore\keystore.jks -storepass ******** -keypass ******** -keyalg RSA -sigalg SHA2
   56withRSA -alias cfcc -keySize 2048 -validity 3650 -dname CN=10.97.142.191, O=TI
   CO, OU=Web Dept, L=Palo Alto, ST=CA, C=US
   
   Enter the HTTPS Port to listen for connections… [8443]:

5. This step configures the TIBCO MFT Command Center components and ports on the application server.

   In this example, to provide the most secure environment, the connector is set to only allow secure ciphers by default. To view those ciphers, type V for them to be displayed. If you want the server to support all ciphers, you can select option 2. The AJP port is used for forwarding requests from an HTTP server.

   Step 5  Updating the application server Connector Configuration
   
   Default HTTPS Connector parameters for port 8443:
   The Default Verbosity Level                          - 2
   The Default Debug Level                              - 2
   The Default Buffer size                              - 2048
   The Default Connection Timeout                       - 60000
   The Default DNS Lookup set to                        - true
   The Default Max active requests                      - 128
   The Default Min Processors                           - 5
   The Default Max Processors                           - 100
   
   Accept these parameters? y/n [y]:
   Select the SSL ciphers you wish to the server to support.
   1. Secure ciphers
   2. All ciphers
   Please enter your selection or v to view secure ciphers. [1]:
   Enter the HTTP port to listen for connections... [8080] : 
   
   Enter the port to listen for shutdown requests... [8005] :
   
   Enter the AJP port... [8009] :

6. This step configures the context root that will be used in the URL.

   The context name must be set to an alphanumeric name. Using special characters within a context name can cause unpredictable results. Using the default value for cfcc is recommended.

   Step 6  Evaluating the application server installation for contexts
   Enter the context root for this installation ........[cfcc]
   
   Reading context configuration file: C:\MFTCC\server\conf\Catalina\localhost\cfcc.xml
   Found no pre-existing Contexts

   Note: If you are upgrading, you will be prompted to backup your present settings because only one instance of cfcc can exist on the server.
7. This step extracts the cfcc.war file to install the TIBCO MFT Command Center application.

   Step 7  Installing web application
   Use C:\MFTCC\server\webapps\cfcc as the installation directory? y/n/? [y]:
   
   Extracting distribution\cfcc.war to C:\MFTCC\server\webapps\cfcc

8. This step will verify the context configuration for TIBCO MFT Command Center.

   Step 8  Updating the application server context configuration
   
   Default Context parameters:
   The Default Log File Prefix                          - localhost_cfcc_
   The Default Log File Suffix                          - .txt
   The Default Log File Timestamp                       - true
   The Default Log File Verbosity Level                 - 2
   The Default Log File Debug Level                     - 0
   
   Add a new context with the above parameters? y/n/? [y]:

9. This step updates the TIBCO MFT Command Center web.xml file and installs the TIBCO MFT Command Center Administrator service.

   Step 9 Configuring web.xml
   
   Enter the name of the host on which the application will run. [SystemA]:
   
   Enter a directory to store log files......[c:\MFTCC\logs]:
   
   Configure web.xml with the above parameters? y/n [y]:
   Starting the application server................... [OK]

10. This step deploys the TIBCO MFT Command Center web service.

    Step 10 Deploying services
    Executing deploy command.
    Cmd /E:1900 /c deploy.bat 127.0.0.1 8080 admin ****** cfcc
    This may take a few moments......

11. This step generates SOAP stubs that TIBCO MFT Command Center will use.

    Step 11 Generating SOAP Stubs
    Executing genstubs command.
    Cmd /E:1900 /c genstubs.sh 10.97.142.191 8080 admin ******** cfcc http
    This may take a few moments......

12. This step installs the Soap stubs generated for the TIBCO MFT Command Center web service.

    Step 12 Installing SOAP Stubs
    Executing installstubs command.
    Cmd /E:1900 /c installstubs.sh c:\MFTCC\server\webapps\cfcc
    This may take a few moments......
    
    Restarting the application server
    Stopping the application server................................. [OK]
    Starting the application server................................. [OK]

13. This step explains how the JMS jar files should be copied after the installation is complete.

    If you are using the JMS interface, you must copy the JMS jar files to the MFTCC_Install\server\webapps\cfcc\WEB-INF\lib directory.

    Step 13 Copy JMS files
    
    If you are using the JMS interface, you must copy the JMS jar files to the
    following location:
    C:\MFTCC\server\webapps\cfcc\WEB-INF\lib
    These jar files are typically found in the JMS Server installation.
    Restart the MFT server after copying the jar files.
    You can configure and test the JMS settings through the Command Center.
    Go to the Management > Manage Services > Configure JMS Service page.
    On that page you can click on help for a list of the provider specific jar files.
    
    Press the enter key to continue.
    
    Installation completed!  Details are in the install.log file.