How to upgrade from version 1.x - 2.4.x to version 2.5.x

Important changeovers were made from the previous version to the current version.

• The operating system has been updated from CentOS6 to CentOS7

• The application server was migrated from jboss 7 to WildFly 14.0.0.Final

• In addition to a series of application improvements that you can find at the changelog https://namirial.atlassian.net/wiki/display/SWS/Changelog
  

To complete the update you need to create a new machine and proceed to a new appliance installation that you find at the following link History - SWS OnPremise - RPM package#HowtoobtaintheOVFvirtualappliance .

A step by step installation guide can be found at the following link History - SWS OnPremise - RPM package#Deploymentandtest.

Once the installation is complete you will need to reconfigure your VA with the production keystore, you can find at this link a detail on how to do this History - SWS OnPremise - RPM package#MigratefromTESTtoPRODenvironment.

If you want to stay up to date with the latest version we recommend you follow this guide. FAQ#FAQ#HowcaniupgradeSWSappliancetolatestversion?

How can i export the log from SWS?

At this link:

History - SWS OnPremise - RPM package#ExportLogFiles

You can see the guide for export the files.

How can i see the SWS version?

There are two ways. First way:

Go to link: 

http://<IP-APPLIANCE>:8080/SignEngineWeb/help.xhtml

And read the version software (starts with 2.x )

Or:

1) Login SSH to appliance and execute:

rpm -q sws

And read the version software (starts with 2.x)

NOTE: for the old appliance SWS is available only the second way.

How can i upgrade SWS appliance to latest version?

1) Login SSH to SWS appliance

2) Execute:

sudo yum update https://sws.namirialtsp.com/download/sws.rpm

How can i obtain the TEST Namirial App OTP?

If you download the Namirial App OTP from the official store (PlayStore and AppleStore), you can use ONLY the Namirial PROD enviroment.

If you need to use the Namirial TEST environment, you can download the app from this link:

For Android:

https://appdistribution.firebase.dev/i/e843f2440b8a7b69

For iOS:

https://testflight.apple.com/join/4ZUE4zjf

Template support request in case of problems with integration

The fields required are:

DATE and TIME when you have received the error: ???
URL ENDPOINT: ???
METODO NAME CALLED: ???
INPUT PARAMETERS: ???
ERROR RECEIVED (from our server): ???

How can i install SWS in standalone mode?

Is possible to install SWS in standalone mode ONLY in server RedHat, Almalinux9 and CentOS (this OS is supported until June 2024). Below the procedure:

wget https://sws.firmacerta.it/download/sws2_packages.tar.gz
tar xzfv sws2_packages.tar.gz

Move into directory just extracted and run this command:

./install.sh

How can i TEST SWS onPremise?

This type of distribution require the customer make a server in her infrastructure and install RPM package with SWS application, like described at this guide:

How can i TEST SWS SaaS?

The url prefix for TEST SWS SaaS is:

https://sws-companynamesaas.test.namirialtsp.com/SignEngineWeb

This is the link for download SSL certificate on our service

For example during the integration the full url to use for SOAP request is:

https://sws-companynamesaas.test.namirialtsp.com/SignEngineWeb/sign-service?wsdl

And the full url for REST request is:

https://sws-companynamesaas.test.namirialtsp.com/SignEngineWeb/rest/sign/signPades

How can i fix the problem caused by truststore not updated?

If in the SWS logs is present the messege:

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

The problem maybe caused by the trustore not updated. Below the step to fix the problem:

1) Login SSH to the SWS virtual machine

2) Type the following command

rpm -q sws

3) If the output of the command starts with "sws-2.4" you should perform the following commands:

wget https://sws.firmacerta.it/download/truststore.jks -O /home/jboss/.SignEngine/keystore/truststore.jks wget https://sws.firmacerta.it/download/cacerts -O /usr/java/latest/lib/scurity/cacerts

And 

service jboss restart

If the output of the command starts with "sws-2.5" you should perform the following command:

 sudo wget https://sws.firmacerta.it/download/truststore.jks -O /home/wildfly/.SignEngine/keystore/truststore.jks

And

sudo service wildfly restart

How to remove production certificate?

When installing a production certificate the machine cannot return to the environment test from the graphic panel. 

If you want to restore the appliance to the initial state, you must remove this file using the command:

# Login into your VA using SSH

# For SWS 1.x - 2.4.x
rm -rvf /home/jboss/.SignEngine/keystore/prod_keystore.jks
rm -rvf /home/jboss/.SignEngine/client.properties

# For SWS 2.5.x
rm -rvf /home/wildfly/.SignEngine/keystore/prod_keystore.jks
rm -rvf /home/wildfly/.SignEngine/client.properties

Next you need to restart WildFly/JBoss service using this command:

# For SWS 1.x - 2.4.x
sudo service jboss restart

# For SWS 2.5.x
sudo service wildfly restart

Once operation is completed than you have your installation in a initial state.

How can i migrate manually from TEST to PROD environment?

In you pc
1) Rename JKS of SSL certificate (received by mail) to: "prod_keystore.jks"
2) create file "client.properties" and add this entry:
    - ws.client.dynamic.remotesignature.address = https://fra.firmacerta.it/ExtendedSignature/services
    - ws.client.keystore.filename = /home/wildfly/.SignEngine/keystore/prod_keystore.jks
3) Login via WinScp/FileZilla with user "sws" (the password is the same for ssh login)
4) Copy the file:
    - prod_keystore.jks
    - client.properties
    Into folder "/tmp"
5) Login SSH to SWS appliance and execute this command:
    - sudo service wildfly stop
    - sudo mv /tmp/prod_keystore.jks /home/wildfly/.SignEngine/keystore/
    - sudo mv /tmp/client.properties /home/wildfly/.SignEngine/
    - sudo chown -R wildfly:wildfly /home/wildfly/.SignEngine
    - sudo service wildfly start

How can i enable the login via application?

By default the login has made using the ssh (the SWS gui run the login command to check the password)
Therefore login ssh and login gui have the same password!!!

Is possible to set the login using the properties, following this procedure:
1) Login to SSH appliance
2) sudo service wildfly stop
3) create file if not present:
    - /home/wildfly/.SignEngine/client.properties
4) Add this entry (the password is "sws2015"):
    sws.usesystemauth=false
    sws.admin.password=4b83503e5c2d9e04bbc15135e3377de406b94a8431c85ed7574314f891413a1eadb73bf267fb65b41252952eea644bcbb9df7700b3d3888236f2b14e8749c1c7
5) sudo service wildfly start

NOW you can make a login and chage password

The commando to calculate the password is:

echo -n "sws2015" | openssl dgst -sha512 | awk '{print $2}'