Veritas Data Insight Installation Guide

Last Published:
Product(s): Data Insight (6.6.1)
Platform: Windows
  1. Understanding the Veritas Data Insight architecture
    1.  
      About Veritas Data Insight
    2.  
      About the Management Server
    3. About the Collector worker node
      1.  
        About the Collector
      2.  
        About the Scanner
    4.  
      About the Indexer worker node
    5.  
      About the Classification Server
    6.  
      About the Self-Service Portal node
    7.  
      About Communication Service
    8.  
      About the DataInsightWatchdog service
    9.  
      About the DataInsightWorkflow service
    10. About Veritas Data Insight installation tiers
      1.  
        About three-tier installation
      2.  
        About two-tier installation
      3.  
        About single-tier installation
  2. Preinstallation
    1.  
      Pre-installation steps
    2.  
      Minimum system requirements for Data Insight components
    3.  
      System requirements for classification components
  3. Installing Veritas Data Insight
    1.  
      About installing Veritas Data Insight
    2.  
      Federal Information Processing Standards (FIPS)
    3.  
      Performing a single-tier installation
    4.  
      Performing a two-tier installation
    5.  
      Performing a three-tier installation
    6.  
      Installing the Management Server
    7.  
      Installing the worker node
    8.  
      Installing the Classification Server
    9.  
      Installing the Self-Service Portal
    10.  
      Installing a Linux Indexer worker node
    11.  
      Installing Veritas Data Insight in Azure Cloud Environment
    12.  
      Installing Veritas Data Insight in AWS Cloud Environment
  4. Upgrading Veritas Data Insight
    1.  
      Upgrading Data Insight to 6.6.1
    2.  
      Upgrading the product data using the Upgrade Data Wizard
    3.  
      Names and locations of cache files
    4.  
      Upgrading the Data Insight web service for SharePoint
  5. Post-installation configuration
    1.  
      Post-installation configuration
    2.  
      Registering the worker node
    3. About post-installation security configuration for Management Server
      1.  
        About SSL client/server certificates
      2.  
        Enabling CA signed certificates for inter-node communication
      3.  
        Generating Management Console certificate
    4.  
      Configuring your corporate firewall
  6. Installing Windows File Server agent
    1.  
      About Windows File Server agent
    2.  
      Installing Windows File Server agent manually
    3.  
      Configuring the Windows File Server using ConfigureWindowsFileServer.exe
  7. Getting started with Data Insight
    1.  
      About the Data Insight Management Console
    2.  
      Logging in to the Data Insight Management Console
    3.  
      Logging out of the Data Insight Management Console
    4.  
      Displaying online help
  8. Uninstalling Veritas Data Insight
    1.  
      Uninstalling Veritas Data Insight
  9. Appendix A. Installing Data Insight using response files
    1.  
      About response files
    2.  
      Installing Data Insight using response files
    3.  
      Sample response files

Enabling CA signed certificates for inter-node communication

If you want to opt for CA signed certificates, perform the following steps on the Management Server.

On the Management Server,

  1. Rename C:\DataInsight\data\keys\commd.keystore to commd-org.keystore
  2. Import CA Issued Certifcate file (pfx) to the commd keystore.
  3. For FIPS Mode, execute the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -importkeystore -srckeystore "c:\<Location of .pfx file>" -destkeystore "C:\DataInsight\data\keys\commd.keystore" -srcalias <certificate unique id> -destalias tomcat -deststoretype bcfks -destkeypass changeit -provider com.safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider -providerpath "C:\Program Files\DataInsight\jre\lib\ext\ccj-3.0.1.jar"
  4. For Non-FIPS Mode, execute the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -importkeystore -srckeystore "c:\<Location of .pfx file>" -destkeystore "C:\DataInsight\data\keys\commd.keystore" -srcalias <certificate unique id> -destalias tomcat -deststoretype jks -destkeypass changeit
  5. Create a backup of the cacerts keystore, you can find at C:\Program Files\DataInsight\jre\lib\security\cacerts.
  6. Rename C:\Program Files\DataInsight\jre\lib\security\cacerts to cacerts-org.
  7. For FIPS Mode, delete the self-signed certificate from the cacerts keystore by executing the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -delete -alias tomcatTrustedCA -storepass changeit -keystore "C:\Program Files\DataInsight\jre\lib\security\cacerts" -storetype bcfks -provider com.safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider -providerpath "C:\Program Files\DataInsight\jre\lib\ext\ccj-3.0.1.jar"
  8. For Non-FIPS Mode, delete the self-signed certificate from the cacerts keystore by executing the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -delete -alias tomcatTrustedCA -storepass changeit -keystore "C:\Program Files\DataInsight\jre\lib\security\cacerts"
  9. Copy C:\DataInsight\data\keys\commd.keystore from the Management Server to all Remote Servers located at C:\DataInsight\data\keys.
  10. Restart the DataInsightComm services on the Management Server and all remote nodes.

To apply the CA provided certificate to secure web portal communications,

  1. Rename C:\DataInsight\data\keys\webserver.keystore to webserver-org.keystore.
  2. Import CA Issued Certifcate file (pfx) to the commd keystore.
  3. For FIPS Mode, execute the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -importkeystore -srckeystore "c:\<Location of .pfx file>" -destkeystore "C:\DataInsight\data\keys\webserver.keystore" -srcalias <certificate unique id> -destalias tomcat -deststoretype bcfks -destkeypass changeit -provider com.safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider -providerpath "C:\Program Files\DataInsight\jre\lib\ext\ccj-3.0.1.jar"
  4. For Non-FIPS Mode, execute the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -importkeystore -srckeystore c:\<Location of .pfx file> -destkeystore C:\DataInsight\data\keys\webserver.keystore -srcalias <certificate unique id> -destalias tomcat -deststoretype jks -destkeypass changeit
  5. Restart the DataInsightWeb on the Management Server.

To apply the CA provided certificate to secure Self Service portal communications,

  1. Rename C:\DataInsight\data\keys\portal.keystore to portal-org.keystore.
  2. Import CA Issued Certifcate file (pfx) to the webserver portal.
  3. For FIPS Mode, execute the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -importkeystore -srckeystore "<Location of .pfx file>" -destkeystore "C:\DataInsight\data\keys\portal.keystore" -srcalias <certificate unique id> -destalias tomcat -deststoretype bcfks -destkeypass changeit -provider com.safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider -providerpath "C:\Program Files\DataInsight\jre\lib\ext\ccj-3.0.1.jar"
  4. For Non-FIPS Mode, execute the following command "C:\Program Files\DataInsight\jre\bin\keytool.exe" -importkeystore -srckeystore c:\<Location of .pfx file> -destkeystore C:\DataInsight\data\keys\portal.keystore -srcalias <certificate unique id> -destalias tomcat -deststoretype jks -destkeypass changeit
  5. Restart the DataInsightPortal on the Server designated as the Self Service Portal.