Publish
When setting up Offline publication, the publication will create a database based on the settings in server.config. The publisher will create a database with the same version as the instance in the settings file.
...
Issuer: The name for the entity which is responsible for issuing and validating tokens (unique name, ex: hostname)
Audience: Name of the entity by which the token is intended to be used. (unique name, ex: hostname)
DurationInMinutes: How long a token is considered valid. After it has expired, the client will need to authenticate again. This is done seamlessly in the background and requires no user interaction.
Secret: A Base64 randomly generated string. A length of 128 bytes is recommended. Make sure this is kept secret!
2. Server setup: Certificate-based authentication
...
Download the certificate of the Root CA. Either check with your certificate provider or get the service URLs from the user certificate.
Install the Root CA on the server. You will likely be asked where to install the certificate, make sure to choose Local Machine and NOT Current User (Reason: IIS has its own current user and will not see the certificate if installed in the user store). For the location, pick “Trusted Root Certificate Authorities”.
Double check that you got the right certificate and that you installed it at the right location
3. Client setup: Certificate-based authentication
The client does not need to be configured when it comes to JSON Web Tokens, but it needs to be configured if certificate-based authentication is intended to be used.
To do so, please add the following settings in anytime.setup.config:
| Code Block | ||
|---|---|---|
| ||
<!-- File: anytime.setup.config -->
<CertificateEnabled>true</CertificateEnabled>
<CertificateStoreName>My</CertificateStoreName>
<CertificateStoreLocation>CurrentUser</CertificateStoreLocation>
<CertificateIssuer>YOUR_ISSUER_HERE</CertificateIssuer> |
Let’s go over the four different settings:
CertificateEnabled: If true, the configured certificate will be used for authentication, otherwise, it will use the default basic authentication method (username/password)
CertificateStoreName: Specific value used to find the certificate on the user’s machine. If it’s a personal certificate, then the store name will be “My”.
CertificateStoreLocation: This is also used to find the certificate. In case of a user certificate, the location will be “CurrentUser”.
CertificateIssuer: The Certificate Authority (CA) responsible for issuing the certificate.
Silent Installation
For customers who do not wish to do any kind of customization when installing, it is possible to skip the installation mode popup by adding the following setting in anytime.setup.config:
| Code Block | ||
|---|---|---|
| ||
<!-- File: anytime.setup.config -->
<SilentInstallEnabled>true</SilentInstallEnabled> |
If this setting is missing from the configuration file, it will default to false.
Silent Uninstallation
Similarly to the Silent Installation, it is possible to configure the Offline client so that it quietly uninstalls itself by skipping the “Feature Select Uninstall” dialog:
| Code Block | ||
|---|---|---|
| ||
<!-- File: anytime.setup.config -->
<SilentUninstallEnabled>true</SilentUninstallEnabled> |
If this setting is missing from the configuration file, it will default to false.
Windows programs list registration
It is possible to customize how the Offline Client appears in the Windows programs list. This can be achieved by configuring the <ProgramEntryDefinition> setting in anytime.setup.config. Below is an example of how it looks like for KLA:
...
| language | xml |
|---|
...
For instructions on how to configure inside anytime.setup.config, please refer to: Client app configuration (anytime.setup.config)
Customization
When an offline publication is created, Manager will look in this folder to fetch the customizations to use in the offline installation package that is created by the offline publication process.
...