This chapter shows a step-by-step procedure for installing TKLM on Linux.
7
7.1 TKLM Linux installation
The server operating system for this installation is GNU/Linux 2.6.18-92.el5.
The TKLM must be installed as root. In our example we installed from a tar file. Follow your media instructions for starting the installation.
1. Create a tklm directory and copy the TKLM Linux installation file into it.
2. Extract the TKLM tar file by issuing the following command:
tar -zxpvf tklm_install_filename.tar.gz Several folders are created.
3. Run the following command from the /root/tklm directory to start the graphical user interface (GUI) installation:
./install.sh
Figure 7-1 shows the GUI installation processes successfully ended.
Figure 7-1 GUI installation
4. Verify the default installation paths.
UNIX and Linux:
TKLM: /opt/IBM/tiptklmV2
DB2: /opt/IBM/db2tklmV2
DB2 Instance Home: /home/tklmdb2 (AIX/Linux) or /export/home/tklmdb2 (Solaris)
Chapter 7. TKLM Linux installation 125 5. The first screen (Figure 7-2) prompts you to make a language choice. Make your selection
in the box and click OK.
Figure 7-2 Language choice
6. A wizard guides you through TKLM v2 installation, as shown in Figure 7-3. Click Next.
Figure 7-3 TKLM wizard
7. The software license agreement is displayed. Click I accept the terms in the license agreement to proceed. Click Next.
Figure 7-4 License agreement screen
Chapter 7. TKLM Linux installation 127 8. The next screen (Figure 7-5) prompts you to select installation or reuse of DB2 and
specify a directory. Make the appropriate entries and click Next.
Figure 7-5 DB2 directory specification
9. DB2 credentials are requested on the next screen displayed (Figure 7-6). Enter the appropriate information and click Next.
Figure 7-6 DB2 configuration
Chapter 7. TKLM Linux installation 129 10.On the next configuration screen, enter root in the Administrator’s Group field and leave
the default DB2 directory. Click Next to create a DB2 Administrator group (Figure 7-7).
Figure 7-7 DB2 administration configuration
11.The next screen displayed shows a summary of your previous entries (Figure 7-8). Review the configuration; if everything is correct, click Next to begin the TKLM v2 installation.
Figure 7-8 Configuration summary
12.The screen shown in Figure 7-9 is displayed while the installation process is taking place.
As noted, the installation might take a few minutes. Do not touch the keyboard or mouse during this period, just let it finish.
Figure 7-9 Start of TKLM installation
Chapter 7. TKLM Linux installation 131 13.When the middleware has been installed, the wizard automatically starts creating the
database, displaying the screen shown in Figure 7-10. Again, do not touch the keyboard or mouse during this process.
Figure 7-10 Database creation
14.When DB2 installation is complete the screen shown in Figure 7-11 is displayed. Click Next to start TKLM v2 deployment engine installation.
Figure 7-11 DB2 installation complete screen
15.The next screen shows progress of the installation (Figure 7-12). Do not touch the keyboard or mouse during this period.
Figure 7-12 TKLM v2 installation steps
16.When the screen in Figure 7-13 is displayed, specify a TKLM v2 destination directory or leave the default. Click Next.
Figure 7-13 Specify TKLM installation folder
Chapter 7. TKLM Linux installation 133 17.The next screen prompts you to wait until TIP it is configured for your system
(Figure 7-14).
Figure 7-14 TIP configuration
18.On the screen shown in Figure 7-15, enter the requested information to create an application server profile. Click Next.
Figure 7-15 Server profile
Note: This will be your TIP password to log in as TIPAdmin user ID. Refer to 9.1, “Role Based Access Control (RBAC)” on page 162 for a complete description of default Users and Groups created during installation.
19.Type your TKLMAdmin password on the screen shown in Figure 7-16 and click Next.
Figure 7-16 TKLMAdmin password
Note: This password will be used to log into TKLM administrator to access all TKLM operations.
Chapter 7. TKLM Linux installation 135 20.If you have an existing configuration profile from a previous installation and you want to
migrate it to this TKLM v2 installation, select the Migrate Encryption Key Manager check box, specify the correct path, and click Next. If there is no configuration profile to migrate, just click Next.
Figure 7-17 Migration panel
21.The Pre-Installation Summary panel (Figure 7-18) shows disk space requirements and a list of all applications that will be installed. If everything is correct, click Install. This begins the installation of the Tivoli Integrated Portal.
Figure 7-18 Pre-installation summary
Chapter 7. TKLM Linux installation 137 22.Progress of the installation is displayed on the screen, as shown in Figure 7-19.
Depending of your server characteristics, the process might take a while. Do not touch the keyboard or mouse while installation is under way, just leave it running.
Figure 7-19 TIP installation progress
23.When installation is complete a success message is displayed (Figure 7-20). This screen also indicates how to access TKLM v2 using a browser. Click Done to quit the installer.
This redirects you to the Tivoli Integrated Portal Login screen (Figure 7-21 on page 139).
Figure 7-20 TKLM_v2_inst_done
Chapter 7. TKLM Linux installation 139 24.On the login screen type the TKLMAdmin user ID and password created during installation
and click Log in.
Figure 7-21 TKLM v2 login screen
25.A welcome window is displayed with an action required (Figure 7-22). Click the area indicated in the Action items box to create the master keystore.
Figure 7-22 TKLM v2 welcome screen
Chapter 7. TKLM Linux installation 141 26.Keystore credentials are requested (Figure 7-23). Type the required information and click
OK.
Figure 7-23 Keystore credentials
27.A Keystore Created Successfully message is displayed. Click the indicated line under Next Steps to start configuration.
Figure 7-24 Keystore created screen
28.A configuration screen is displayed. In the Key Serving Parameters section clear any other marked choices and select Create self-signed certificates. Click OK (Figure 7-25) or scroll down to access additional parameter fields.
Figure 7-25 TKLM v2 keystore configuration
Chapter 7. TKLM Linux installation 143 29.Enter the appropriate certificate label, description, and validity period. Click
OK (Figure 7-26).
Figure 7-26 Key_parameters
30.A final summary configuration screen is displayed, as shown in Figure 7-27. This screen also reminds you that a server restart is required to update the configuration, and that you should make a backup copy of the file.
Figure 7-27 Final configuration summary
Chapter 7. TKLM Linux installation 145 31.When you access the Tivoli Key Lifecycle Manager a welcome screen is displayed
(Figure 7-28). Procedures accessed from the Key and Device Management section are required to complete TKLM configuration. Refer to 9.1, “Role Based Access Control (RBAC)” on page 162 to continue the TKLM v2 configuration steps.
Figure 7-28 TKLM v2 welcome screen
© Copyright IBM Corp. 2010. All rights reserved. 147