Installation guide for on-premises

Getting the installation kit

Get the installation kit from Accelario representative.

It should be a zip archive with following contents:

  • jar file

  • “conf” directory with single yaml file

Example:

data-masking-1.0-SNAPSHOT.jar
conf/application.yml

Prerequisites

  • Windows or Linux server - any release/version. This server will act as the application server. It can be any host - a dedicated one or the same as the database server.

  • Recommended server requirements: according to server sizing guide

  • Java 8, minimum 241 build , e.g.: 1.8.0_241

  • Network accessibility to required databases

  • OS user:
    Linux - a user with a privilege to run java and has full permissions (read/write/execute) in the “app_home” directory
    Windows - a user with a privilege to run java and to read/write in the “app_home” directory

  • Database user - a user with DBA privileges in every database that the app should work with. Each database may have different user and password.

Deployment

Unzip the installation kit into empty directory on app server - this directory will be further called “app_home”.

The configuration file conf/application.yml already has all parameters with default values.

If needed, the parameters can be changed by updating this file and restarting the application.

The admin password may be changed by altering property: authConfiguration: password

The port may be changed by altering property: applicationConnectors: port

Pay attention that there are separate ports for http and https protocols.

HTTPS configuration

The application is packaged with self-signed certificate.

After the application’s start, the self-signed certificate is located at conf/keystore/a_masking_cert.jks

It allows to access the masking application via HTTPS, but browser will warn about unknown certificate.

To avoid the warning, the customer should provide trusted, signed certificate in p12 format. If the format is different, then it needs to be converted into p12 format and copied it to this folder: conf/keystore/

Тhe command to convert is:
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out fullchain_and_key.p12 -name dw -caname root
… where:
fullchain.pem  - is customer's certificate
privkey.pem  - private key
fullchain_and_key.p12 - is the name of result certificate
During the conversion a password is requested. The same password should be specified in /conf/application.yml , in the property: authConfiguration: https: keyStorePassword

 

Start on Linux

Make sure that java 1.8 is installed.

Run these commands:

cd {app_home} screen -dmSL masking java -Duser.timezone=GMT -Dfile.encoding=UTF-8 -Dconsole.encoding=UTF-8 -jar data-masking-1.0-SNAPSHOT.jar

If screen utility is not installed, it is also possible to use nohup:

cd {app_home} nohup java -Duser.timezone=GMT -Dfile.encoding=UTF-8 -Dconsole.encoding=UTF-8 -jar data-masking-1.0-SNAPSHOT.jar &

 

Start on Windows

Make sure that java 1.8 64bit is installed.

Run these commands:

cd {app_home} service_install.cmd

It creates a Windows service named Accelario Masking acc_masking

Once created, start the service.

The parameters for JVM are located in file {app_home}\service_parameters.list


In some cases, the application process may be started in an interactive mode - usually it is done as part of debugging session.

In that case, run these commands:

 

 

Accessing the application

Open a browser and goto: http://myserver:8084

Replace “myserver” with the hostname where the jar file was started

Reminder: the default port (8084) can be changed as described in Deployment section

Upgrade

  1. Stop the application

  2. Replace the file data-masking-1.0-SNAPSHOT.jar with new version

  3. Compare original and new application.yml files - copy new properties only

  4. Start the application