Linux Package Installation

MTG Packages

MTG provides following packages for all supported operating systems:

Component Package name Description

MTG-Common

mtg-common

MTG product independent files and settings.

MTG-CARA-Common

mtg-cara-common

MTG CARA global product files and settings.

CLM Server

mtg-clm-server

The backend component fo CLM.

CLM UI

mtg-clm-ui

The frontend component of CLM.

ACME Server

mtg-acme-server

The ACME Interface of CLM.

EST Server

mtg-est-server

The EST Interface of CLM.

SCEP Server

mtg-scep-server

The SCEP Interface of CLM.

CMP Server

mtg-cmp-server

The CMP Interface of CLM.

ERS CLI

mtg-ers-cli

The ERS CLI application.

Revocation Info Server

mtg-cara-rev-info-server

OCSP & HTTP Interfaces.

Autoenrollment Connector

mtg-aec-server

The MS Autoenrollment Interface of MTG.

Keycloak

mtg-keycloak

Repackaged Keycloak distribution provided by MTG. Original source: www.keycloak.org/.

Java

mtg-java

Repackaged Java distribution provided by MTG. Original source: adoptium.net/.

Apache Web Server

mtg-apache2

Repackaged Apache HTTPd distribution provided by MTG. Original source: httpd.apache.org/.

Operating System User

All components are installed under the OS user “cara” with group “cara”. This user will be created automatically during the installation of the MTG-CARA-Common package. However, this “cara” user can also be created manually, prior to the package installation. After completing the installation, it is suggested to set a (unique) user password (as “root”), so the cara user can also be used for login, if necessary.

Additional OS users can be created for external components like Postgres server etc.

Package installation

To install or update a component, execute:

RPM-Based systems

rpm -U {package-name}-<X.X.X-REV>.<DIST>.<arch>.rpm

DPKG-Based systems

dpkg -i {package-name}-<X.X.X-REV>~<DIST-VER>_<arch>.deb

This installs the component under /opt/{package-name}/.

System startup

All packages are integrated with systemd. To check the status of the systemd service, execute the following command:

systemctl status {package-name}

To start/restart a component, execute following commands accordingly:

systemctl start {package-name}
systemctl restart {package-name}

To enable the component on system boot, execute:

systemctl enable {package-name}

Package-Update Installation

A package update can be applied in the same way as the installation. The package installer also verifies any package dependencies, which will prevent the installation of a newer package (without installing/updating the packages this newer package depends on).

Existing config-files will be kept untouched by the update process. The package-management-system will either ask what to do with the changed config or just place a copy of the new version in parallel to the existing one.

Verification of the Package Installation

The installed MTG system packages can be listed using the following command:

RPM:

rpm -qa | grep -i mtg

DEB:

dpkg -l | grep -i mtg

The installed MTG Certificate Lifecycle Manager Server packages can be listed using the following command:

RPM:

rpm -qa | grep -i {product-name}

DEB:

dpkg -l | grep -i {product-name}

Application Logs

The application logs can be found under /var/log/mtg/{package-name}/{logfile-name}.log.

To check the logs at runtime, execute the following command:

tail -n 300 -f /var/log/mtg/{package-name}/{logfile-name}.log

or

journalctl -n 300 -f -u {package-name}