Reminder: Do not include any PHI or PII in Confluence. If you require 508 accessibility assistance or any other support for this system, then please send an email to onc-jira-questions@healthit.gov
Introduction
This guide details the process for installing the Direct Certificate Discovery Tool (DCDT, or the Tool) from a Linux (Debian) package. The package obtained by either building it from the source or by simply downloading the prebuilt package as described on this page.
Requirements
See the System Requirements Install Guide for instructions on how to prepare your system prior to installation of the Tool.
Add Tool Apt Repository
In order to resolve some dependent packages, you will need to add the Tool's Apt repository:
sudo add-apt-repository http://packages.direct-test.com/ubuntu/
sudo apt-get update
Install Tool Package
If you have built the package from the source code, the package has been built locally and can be installed by running:
sudo dpkg -i ~/direct-certificate-discovery-tool/assembly/target/direct-cert-discovery-tool-assembly-*.deb
Otherwise, the latest version of the package can be downloaded from the Tool's Apt repository by running:
sudo apt-get install direct-cert-discovery-tool-assembly
Configure the Environment
Append the following lines to the global environment configuration file, /etc/environment:
DIRECT_HOME="/usr/share/direct"
DIRECT_VAR="/var/lib/direct"
Source and export the variables in the global environment configuration file by running:
. /etc/environment
export DIRECT_HOME DIRECT_VAR
Configure Tomcat
Stop the Tomcat 7 service by running:
sudo service tomcat7 stop
Modify the HTTP connector port by running:
sudo /usr/share/direct/direct-cert-discovery-tool-utils/bin/tomcat7-setport.sh
Append the following lines to the file /etc/default/tomcat7:
JAVA_HOME="/usr/lib/jvm/java-7-oracle"
JAVA_OPTS="-Djava.awt.headless=true -Xms512m -Xmx1536m -XX:+UseConcMarkSweepGC"
If the file /usr/share/tomcat7/bin/setenv.sh does not exist, create it by running:
sudo touch /usr/share/tomcat7/bin/setenv.sh
Append the following lines to the file /usr/share/tomcat7/bin/setenv.sh:
CATALINA_OPTS="$CATALINA_OPTS -XX:PermSize=256m -XX:MaxPermSize=512m"
CATALINA_OPTS="$CATALINA_OPTS -Dderby.stream.error.file=$CATALINA_BASE/logs/derby.log"
CATALINA_OPTS="$CATALINA_OPTS -Ddcdt.config.dir=/var/lib/direct/direct-cert-discovery-tool/config"
CATALINA_OPTS="$CATALINA_OPTS -Ddcdt.log.dir=$CATALINA_BASE/logs"
Start the Tomcat 7 service by running:
sudo service tomcat7 start
Configure Direct DNS Services
Start the Direct DNS Server service by running:
sudo service DirectDNSServer start
Configure ApacheDS
Stop the ApacheDS default instance service by running:
sudo service apacheds-2.0.0-M10-default stop
Create the ApacheDS domain2ldap1 instance data by running:
sudo mkdir -p /var/lib/apacheds-2.0.0-M10/domain2ldap1/run
sudo cp -r /var/lib/apacheds-2.0.0-M10/default/conf/ /var/lib/apacheds-2.0.0-M10/domain2ldap1/conf/
sudo sed -i -r 's/^(ads\-systemport: )10(389|636)$/\111\2/g' /var/lib/apacheds-2.0.0-M10/domain2ldap1/conf/config.ldif
sudo chown -R apacheds:apacheds /var/lib/apacheds-2.0.0-M10/domain2ldap1
Create the ApacheDS domain2ldap1 instance service by running:
sudo cp /etc/init.d/apacheds-2.0.0-M10-default /etc/init.d/apacheds-2.0.0-M10-domain2ldap1
sudo sed -i -r 's/(apacheds \$1 )default/\1domain2ldap1/' /etc/init.d/apacheds-2.0.0-M10-domain2ldap1
Start both ApacheDS instance services by running:
sudo service apacheds-2.0.0-M10-default start
sudo service apacheds-2.0.0-M10-domain2ldap1 start
Further Steps
At this point the system contains all of the Tool's software components, but has not yet been made deployment domain-specific. To finalize the configuration, please follow the instructions in the Configuration Guide.