This procedure describes how to install Workflow Engine for Identity Governance using the guided method or the console method. You can also perform a silent installation by using the silent properties file.
To prepare for the installation, review the prerequisites and system requirements.
Log in as an administrator on the server where you want to install the Workflow Engine.
NOTE:The Workflow Engine requires you to log in as root on the Linux server or an administrator on the Windows server to complete the installation successfully.
Ensure that you have a copy of the installer on this server. For more information, see Section 2.2, Obtaining Identity Governance, Identity Reporting, Workflow Engine, and OSP.
If you are using an unsecured environment, stop Apache Tomcat. Otherwise you need Apache Tomcat running so the certificates can be retrieved during Step 9.
From the directory that contains the installation files, complete one of the following actions:
NOTE:To execute the file, you might need to use the chmod +x or sh command for Linux or use Run as administrator if you did not log in to your Windows server as an administrator.
Linux: Enter one of the following commands from a command prompt:
Console: ./identity-governance-install-linux.bin -i console
Guided: ./identity-governance-install-linux.bin
Windows: Enter the following from a command prompt:
Console: identity-governance-install-win.exe -i console
Guided: identity-governance-install-win.exe
Read and accept the License Agreement.
Select Workflow Engine for the install set.
Use the information you gathered in Section 8.2, Workflow Engine Installation Worksheet to complete the installation.
Review the pre-installation summary.
(Conditional) If prompted, accept the certificates you trust, reject any certificates you do not trust, and acknowledge any errors.
The installer checks to see if you selected SSL/TLS or https for communication to the connected systems. The installer attempts to retrieve those certificates and add them to the trust store. If you used a self-signed certificate for any of the connected systems, the installer prompts you to accept or reject the certificates because self-signed certificates are untrusted certificates. The installer adds the accepted certificates to the trust store. For more information, see Section 3.8, Securing Connections with TLS/SSL.
NOTE:If you are in a distributed environment, and if you are using a later version of Java Zulu OpenJDK (such as 8u312), the installer could present each certificate for acceptance only once. The installer compares certificates in a specific order. If the certificates you accepted are from a certificate authority (CA), then any subsequent certificates signed by the same CA are automatically trusted.
(Conditional) In a secured (TLS) environment, stop Apache Tomcat. For more information, see Section 3.4.3, Starting and Stopping Apache Tomcat.
Start the installation process.
When the installation process completes, review the Workflow Engine logs. The default location of the logs is here:
Linux: /opt/netiq/idm/apps/wfe/logs
Windows: C:\netiq\idm\apps\wfe\logs
Before starting Apache Tomcat again, delete the contents of the following two directories from Apache Tomcat that contain cached files. The directories are:
Linux: Default installation location:
/opt/netiq/idm/apps/tomcat/temp
/opt/netiq/idm/apps/tomcat/work/Catalina/localhost
Windows: Default installation location:
C:\netiq\idm\apps\tomcat\temp
C:\netiq\idm\apps\tomcat\work\Catalina\localhost
Proceed to Section 9.0, Completing the Installation Process.