How to upgrade from version 1.x - 2.4.x to version 2.5.x
Important changeovers were made from the previous version to the current version.
The operating system has been updated from CentOS6 to CentOS7
The application server was migrated from jboss 7 to WildFly 14.0.0.Final
In addition to a series of application improvements that you can find at the changelog https://namirial.atlassian.net/wiki/display/SWS/Changelog
To complete the update you need to create a new machine and proceed to a new appliance installation that you find at the following link History - SWS OnPremise - RPM package#HowtoobtaintheOVFvirtualappliance .
A step by step installation guide can be found at the following link History - SWS OnPremise - RPM package#Deploymentandtest.
Once the installation is complete you will need to reconfigure your VA with the production keystore, you can find at this link a detail on how to do this History - SWS OnPremise - RPM package#MigratefromTESTtoPRODenvironment.
If you want to stay up to date with the latest version we recommend you follow this guide. FAQ#FAQ#HowcaniupgradeSWSappliancetolatestversion?
How can i export the log from SWS?
At this link:
History - SWS OnPremise - RPM package#ExportLogFiles
You can see the guide for export the files.
How can i see the SWS version?
There are two ways. First way:
Go to link:
http://<IP-APPLIANCE>:8080/SignEngineWeb/help.xhtml
And read the version software (starts with 2.x )
Or:
1) Login SSH to appliance and execute:
rpm -q sws
And read the version software (starts with 2.x)
NOTE: for the old appliance SWS is available only the second way.
How can i upgrade SWS appliance to latest version?
1) Login SSH to SWS appliance
2) Execute:
sudo yum update https://sws.namirialtsp.com/download/sws.rpm
How can i obtain the TEST Namirial App OTP?
If you download the Namirial App OTP from the official store (PlayStore and AppleStore), you can use ONLY the Namirial PROD enviroment.
If you need to use the Namirial TEST environment, you can download the app from this link:
For Android:
https://appdistribution.firebase.dev/i/e843f2440b8a7b69
For iOS:
Template support request in case of problems with integration
The fields required are:
DATE and TIME when you have received the error: ???
URL ENDPOINT: ???
METODO NAME CALLED: ???
INPUT PARAMETERS: ???
ERROR RECEIVED (from our server): ???
How can i install SWS in standalone mode?
Is possible to install SWS in standalone mode ONLY in server RedHat, Almalinux9 and CentOS (this OS is supported until June 2024). Below the procedure:
wget https://sws.firmacerta.it/download/sws2_packages.tar.gz tar xzfv sws2_packages.tar.gz
Move into directory just extracted and run this command:
./install.sh
How can i TEST SWS onPremise?
This type of distribution require the customer make a server in her infrastructure and install RPM package with SWS application, like described at this guide:
How can i TEST SWS SaaS?
The url prefix for TEST SWS SaaS is:
https://sws-companynamesaas.test.namirialtsp.com/SignEngineWeb
This is the link for download SSL certificate on our service
For example during the integration the full url to use for SOAP request is:
https://sws-companynamesaas.test.namirialtsp.com/SignEngineWeb/sign-service?wsdl
And the full url for REST request is:
https://sws-companynamesaas.test.namirialtsp.com/SignEngineWeb/rest/sign/signPades
How can i fix the problem caused by truststore not updated?
If in the SWS logs is present the messege:
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The problem maybe caused by the trustore not updated. Below the step to fix the problem:
1) Login SSH to the SWS virtual machine
2) Type the following command
rpm -q sws
3) If the output of the command starts with "sws-2.4" you should perform the following commands:
wget https://sws.firmacerta.it/download/truststore.jks -O /home/jboss/.SignEngine/keystore/truststore.jks wget https://sws.firmacerta.it/download/cacerts -O /usr/java/latest/lib/scurity/cacerts
And
service jboss restart
If the output of the command starts with "sws-2.5" you should perform the following command:
sudo wget https://sws.firmacerta.it/download/truststore.jks -O /home/wildfly/.SignEngine/keystore/truststore.jks
And
sudo service wildfly restart
How to remove production certificate?
When installing a production certificate the machine cannot return to the environment test from the graphic panel.
If you want to restore the appliance to the initial state, you must remove this file using the command:
# Login into your VA using SSH # For SWS 1.x - 2.4.x rm -rvf /home/jboss/.SignEngine/keystore/prod_keystore.jks rm -rvf /home/jboss/.SignEngine/client.properties # For SWS 2.5.x rm -rvf /home/wildfly/.SignEngine/keystore/prod_keystore.jks rm -rvf /home/wildfly/.SignEngine/client.properties
Next you need to restart WildFly/JBoss service using this command:
# For SWS 1.x - 2.4.x sudo service jboss restart # For SWS 2.5.x sudo service wildfly restart
Once operation is completed than you have your installation in a initial state.
How can i migrate manually from TEST to PROD environment?
In you pc
1) Rename JKS of SSL certificate (received by mail) to: "prod_keystore.jks"
2) create file "client.properties" and add this entry:
- ws.client.dynamic.remotesignature.address = https://fra.firmacerta.it/ExtendedSignature/services
- ws.client.keystore.filename = /home/wildfly/.SignEngine/keystore/prod_keystore.jks
3) Login via WinScp/FileZilla with user "sws" (the password is the same for ssh login)
4) Copy the file:
- prod_keystore.jks
- client.properties
Into folder "/tmp"
5) Login SSH to SWS appliance and execute this command:
- sudo service wildfly stop
- sudo mv /tmp/prod_keystore.jks /home/wildfly/.SignEngine/keystore/
- sudo mv /tmp/client.properties /home/wildfly/.SignEngine/
- sudo chown -R wildfly:wildfly /home/wildfly/.SignEngine
- sudo service wildfly start
How can i enable the login via application?
By default the login has made using the ssh (the SWS gui run the login command to check the password)
Therefore login ssh and login gui have the same password!!!
Is possible to set the login using the properties, following this procedure:
1) Login to SSH appliance
2) sudo service wildfly stop
3) create file if not present:
- /home/wildfly/.SignEngine/client.properties
4) Add this entry (the password is "sws2015"):
sws.usesystemauth=false
sws.admin.password=4b83503e5c2d9e04bbc15135e3377de406b94a8431c85ed7574314f891413a1eadb73bf267fb65b41252952eea644bcbb9df7700b3d3888236f2b14e8749c1c7
5) sudo service wildfly start
NOW you can make a login and chage password
The commando to calculate the password is:
echo -n "sws2015" | openssl dgst -sha512 | awk '{print $2}'
Where can i obtain all Namirial root CA?
At this link:
you can download all root CA