Manual database configuration
When the user chooses to configure database later it is mandatory to edit the application.conf
configuration file and set the required database parameters before the server can be started. Configuration file is located under /opt/safeqcloud/conf
directory. It can be opened using remote SSH utilities such as MobaXTerm or directly from Linux shell using any of the available editors, for example vi
or nano
.
Find the following section in the configuration file:
There are two sets of database parameters that must be configured: one for the server configuration settings (eopng_config) and another one for reporting purposes (eopng_documents). This setup requires two databases (or database instances) to be created on the target database cluster by database administrator. Make sure they are created before continuing with SAFEQ Cloud server configuration.
Database url
parameter
- For MS SQL Server enter the following URL (in double quotes):
jdbc:sqlserver://SERVERADDR:PORT;database=DBNAME;authentication=SqlPassword
where SERVERADDR is the database address, PORT is the port number (1433) and DBNAME is one of eopng_config
or eopng_documents
. Make sure both of them exist on the database cluster. More information is available at the following link: Microsoft JDBC driver
- For PostgreSQL server enter the following URL (in double quotes):
jdbc:postgresql://SERVERADDR:PORT/DBNAME
where SERVERADDR is the database server address, PORT is the port number (5432) and DBNAME is one of eopng_config
or eopng_documents
which must exist on the target database. For information is available at the following link: PostgreSQL JDBC driver
- For Oracle server enter the following URL (in double quotes):
jdbc:oracle:thin:@(DESCRIPTION= (ADDRESS= (PROTOCOL=tcps) (HOST=SERVERADDR) (PORT=PORTNUM) ) (CONNECT_DATA= (SERVICE_NAME=DBNAME)))
where SERVERADDR is the database server address, PORTNUM is the port number, DBNAME is the database instance name. PROTOCOL parameter can be one of tcp (plain connection) or tcps (SSL connection). In case of SSL connection the server certificate must be globally trusted. Otherwise an extra step is needed to add a custom CA root certificate to the server’s trust store. More information is available at the following link: Oracle JDBC driver
Database username
parameter
Enter a user name of the database user. The user must have permissions to read, write and modify database schema.
Database password
parameter
Enter a password for the user in clear text. It will be automatically encrypted by the server.
SSL configuration for database cluster and SAFEQ Cloud server
Please refer to vendor-specific documentation on how to configure a particular database for SSL connectivity.
If SSL connection is required to the database cluster and the database server certificate is not signed with a globally trusted CA root certificate it will be necessary to add a custom CA root certificate to the server’s trust store. To do that:
- Prepare a CA root certificate in the DER or PEM format
- Copy this certificate to the target server
- Import it into the server’s trust store by running the following command (as a root user or with sudo prefix):
/opt/safeqcloud/jre/bin/keytool -importcert -file /path/to/cacert.cer -alias db-cert -keystore /opt/safeqcloud/conf/truststore
When prompted for a trust store password enter changeit.
When prompted whether to trust a new certificate type yes and press ENTER.