How to Configure RavenDB Certificates | Use the Ingeniux CMS 10.5 Site Instance Wizard to configure server and client certificates for Raven DB 4.x authentication.
Use the Ingeniux CMS Site Instance Wizard to generate server and client X.509 security certificates or provide your own for the Ingeniux CMS 10.5 instance and the Raven Database (RavenDB) 4.x instance.
The RavenDB service uses the server certificate to perform behind-the-scenes operations (e.g., data encryption on disk, SSL resolution).
The CMS application and DSS Preview clients connect to the RavenDB. The RavenDB client uses the client certificate to validate the identities of users. In RavenDB 4.x, all authentication is accomplished through certificates; therefore, in CMS 10.5, only users who attempt to access RavenDB from clients with authorized client certificates gain access to the database. The application of this RavenDB authentication certificate depends on if you intend to install RavenDB on the same server as the CMS instance installation or remotely. Administrators set up a certificate to access RavenDB at one of two junctures within the Ingeniux CMS 10.5 Site Instance Wizard.
To configure a server certificate for a local RavenDB server:
Additional Info: A self-signed certificate is a security certificate that is not signed by a certificate authority (CA); rather, it is signed by the same entity that it certifies. This option creates and registers the certificate on the system during the CMS instance installer process. The certificate authenticates the RavenDB instance and CMS instance. A self-signed certificate may be particularly useful for temporary or staging server scenarios. After you provide the RavenDB host name and port number on the RavenDB server, the Ingeniux CMS installation creates the self-signed certificate for you. |
Field | Description | ||
---|---|---|---|
Server Certificate Password | Enter a server certificate password. If you choose a password, password validation becomes required to access the server certificate. | ||
RavenDB Host |
Enter the appropriate RavenDB host (e.g., raven.server.com or 127.0.0.1). The CMS instance name displays as the default. Note: We recommend maintaining the CMS instance name. If you have multiple RavenDB services, maintaining the name helps you to clarify which RavenDB host associates with each CMS instance. |
||
Raven Server Port Number |
Enter the filepath to the appropriate RavenDB instance port number. A wildcard character (*) will notify the system to check for and select an available port number. The system starts checking at 8080. If unavailable, the system runs a loop, incrementing the port number up by one until the system finds an available port number. This port check is performed on this screen and an available port is displayed. |
||
RavenDB Service Account drop-down list |
|
Additional Info: Rather than having the installation wizard create a self-signed certificate, you can provide a server certificate for your local RavenDB server, manually. This may be particularly useful if you require the certificate to be signed by a certification authority. |
Field | Description | ||
---|---|---|---|
Certificate File Path | Enter the filepath to the appropriate certificate (.pfx file). | ||
Server Certificate File Password (optional) | This field is optional. Enter the password for the indicated server certificate file. | ||
RavenDB Host |
Enter the appropriate RavenDB host URI (e.g., raven.server.com or 127.0.0.1). The CMS instance name displays as the default. Note: We recommend maintaining the CMS instance name. If you have multiple RavenDB services, maintaining the name helps you to clarify which RavenDB host associates with each CMS instance. |
||
Raven Server Port Number |
Enter the filepath to the appropriate RavenDB instance port number. A wildcard character (*) will notify the system to check for and select an available port number. The system starts checking at 8080. If in use, the installation wizard increments upwards to find the next available port. The wizard will automatically perform this check on this step and display an available port. |
||
RavenDB Service Account drop-down list |
|
Choose this option if the RavenDB instance will reside on a server other than the one where the CMS instance resides. This option requires the site administrator to set up the RavenDB instance beforehand. If RavenDB will be installed on a server other than the CMS server (External URI option), you must provide the URI to the server where RavenDB will be located and the path to the .pfx file.
To configure a security certificate for a remote RavenDB server:
Field | Description |
---|---|
RavenDB URI | Enter the appropriate external RavenDB instance URI. |
Client Certificate File Path | Enter the filepath to the appropriate client certificate (*.pfx file). |
Next Steps:
After configuring RavenDB 4.x and its security certificate, return to the appropriate set of wizard instructions to complete the process.