Installing the Micetro Web Application on Linux
Important
Before installing the Micetro Web Application, make sure you have an operational Apache Web Server running. The Web Application will configure its own virtual host.
To install the Micetro Web Application on Linux:
Extract and install the Micetro Web Application installation package with root privileges:
tar -xzvf micetro-web-application-10.3.5.linux.x64.tgz cd micetro-web-application-10.3.5.linux.x64 && ./install --web-virtual-host-domain web-application.domain.tld
where
web-application.domain.tldis the domain where the Web Application will be accessed.Restart the Apache web server:
systemctl restart httpd
For RHEL8-based distributions with SELinux enabled, make sure Apache is permitted to connect to the Web Application service:
setsebool httpd_can_network_connect 1 -P
Setting up SSL for the Web Application (Apache)
Note
Make sure that certificates include a Subject Alternative Name (SAN) so that web browsers mark the site as secure.
By default, the Web Application uses an unencrypted HTTP connection on port 80. To use it with HTTPS on port 443, follow these steps:
Make sure that mod_ssl for Apache is installed:
yum install mod_ssl
If you have existing SSL key files:
place the .key file in
/etc/pki/tls/private/and the .crt and .csr files in
/etc/pki/tls/certs/.
If you need new SSL keys, generate a keypair:
openssl req -new -nodes -keyout mmweb.key -out mmweb.csr -newkey rsa:4096
Create self-signed certificate:
openssl x509 -req -days 365 -in mmweb.csr -signkey mmweb.key -out externaldns3.crt
Move the files to the appropriate directories:
cp mmweb.key /etc/pki/tls/private/ cp mmweb.c* /etc/pki/tls/certs/
Once the keyfiles are placed in their respective directories, edit the
mmweb.conffile in the Apache configuration directory (default/etc/httpd/conf, or usefind /etc/ -name "mmweb.conf"to locate the file) with the following changes:Change
<VirtualHost *:80>to<VirtualHost *:443>.Add the references to the key files (amend the path as necessary):
SSLCertificateFile /etc/pki/tls/certs/mmweb.crt SSLCertificateKeyFile /etc/pki/tls/private/mmweb.key
Enable SSL:
SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
Note
The default Apache installation may already have a <VirtualHost _default_:443> directive, which may conflict with the mmweb.conf file.
Comment out this existing VirtualHost block to avoid errors.
To verify the Web Application is accessible, navigate to https://web-application.domain.tld. The Micetro Web Application login should be displayed.
Enabling content compression for Apache
To speed up response time for large operations, add the following line to mmws.conf:
AddOutputFilterByType DEFLATE application/json
Allowing the Web Application to log into other Micetro Central servers
By default, the Micetro UI and API only allow connecting to a single Micetro Central server, determined during the first login to Micetro after installation.
To allow users to specify a custom Central server to connect to:
Log into the server hosting Micetro.
Edit the
preferences.cfgfile for the Micetro Web Services located at/var/mmsuite/web_services/preferences.cfg) by adding the following line:<DefaultCentralServer value="your Micetro Central DNS name or IP" />
Note
If
DefaultCentralServeris not specified, the web service will use the first-specified Micetro Central server, typicallylocalhost.Add the following XML-tag to lock the web service to use the default Micetro Central server:
<LockToDefaultServer value="0" />
Restart the
mmwsservice:systemctl restart mmws
A Server field will appear on the Micetro login page and the serverName field in the API Login command will be honored.
Increase timeout for webserver proxy
To ensure that the Web Application operates efficiently with larger change request queues that take longer for Central to process, modify the /etc/httpd/conf file and increase the mmws proxy timeout value:
ProxyTimeOut 60