Installing TAK Server 5.x (RPM Edition)

Описание к видео Installing TAK Server 5.x (RPM Edition)

DISCLAIMER: This video does not replace the official documentation from https://TAK.gov

Building a TAK Server 5.x on Rocky Linux 8.10 from scratch. More instructions can be found a https://mytecknet.com/lets-build-a-ta...

Chapters:
0:00 Introduction
0:40 TAK.gov Registration and Installers
01:13 Rocky Linux Download
01:30 System Resources
02:46 Copying Files from Windows to Linux Terminal
03:18 Set Networking Configuration
04:55 Copying Files from Windows to Linux Execution
06:35 Installation Prerequisites
13:40 Installing the TAK Server
14:40 Post Installation Task
16:20 Establishing the PKI Environment
20:36 Editing the Core Configuration
21:55 Starting the TAK Server services
23:23 Creating the Administrative Certificate
24:47 Moving the Public and Client Certificates
26:20 Copying the Certificates to Windows
27:20 Importing our Certificate into Firefox
28:00 Modifying the System Firewall
29:25 Accessing the MARTI Dashboard
29:50 Creating a Soft Client Certificate
32:05 Connecting to a TAK Server (Soft-Certificate)
33:40 Configuring the TAK Server for Client Certificate AutoEnrollment
35:30 Creating a TAK User
37:03 TAK Client Certificate Enrollment Configuration
38:28 Certificate Revocation and Certificate Revocation Lists (CRLs)
51:10 Deleting Users and Certificates
1:03:30 Conclusion

Steps in order of execution:
Increase the JVM Handles
sudo vi /etc/security/limits.conf

Install Extra Packages for Enterprise Linux
sudo dnf install epel-release

Install the PostgreSQL Repository
sudo dnf install -y https://download.postgresql.org/pub/r...

Disable the built-in PostgreSQL modules
sudo dnf -qy module disable PostgreSQL

Perform an OS Update
sudo dnf update -y

Install the TAK Server RPM
sudo rpm --import takserver-public-gpg.key
sudo dnf install takserver-5.1*.rpm

Apply SELinux Policies
cd /opt/tak && sudo ./apply-selinux.sh

Create the PKI environment
sudo su tak
cd /opt/tak/certs
vi cert-metadata.sh
./makeRootCa.sh
./makeCert.sh ca
./makeCert.sh server takserver

Edit the CoreConfig.example.xml
Modify truststore-root.jks with truststore-{CAName}.jks
vi /opt/tak/CoreConfig.example.xml
exit

Start the TAK Server
sudo systemctl enable takserver
sudo systemctl start takserver

Create the Admin Certificate
sudo su tak
cd /opt/tak/certs
./makeCert.sh client webadmin
java -jar /opt/tak/utils/UserManager.jar certmod -A /opt/tak/certs/files/webadmin
exit

Prepare the Admin Certificate for transfer
sudo cp -v /opt/tak/certs/files/webadmin /home/{username}
sudo chown -R {username}:{username} /home/{username}

Copy the TAK Server public truststore
sudo cp -v /opt/tak/certs/files/truststore-{CAName}.p12 /home/{username}/caCert.p12
sudo chown -R {username}:{username} /home/{username}

Комментарии

Информация по комментариям в разработке