Identity Governance uses Apache Tomcat to host and run the user interface. This allows users to access and use Identity Governance without having to install a client. You must install Apache Tomcat on the same server where you install Zulu OpenJDK and Identity Governance. Use the following information to help you install Apache Tomcat.
Review the following considerations before installing Apache Tomcat:
We highly recommend that you configure Apache Tomcat to use https with either TLSv1.2 or TLS1.1. Any prior version of TLS should not be used. For more information, see SSL/TLS Configuration How-To
.
(Conditional) If you use Linux, do not run Apache Tomcat as root. Best practice for security on Linux is to not install programs as root and use an administrator account with privileges to install products instead.
You must install Apache Tomcat on the same server that has Zulu OpenJDK installed and where you will install Identity Governance.
Ensure that you install the version of Apache Tomcat that Identity Governance requires. For more information, see Section 2.4.1, Identity Governance Server System Requirements.
Access the Apache Tomcat website and download the supported version.
Use the documentation for the supported version of Apache Tomcat to complete the installation. For more information, see the Apache Tomcat web page.
(Optional) Create and use a common directory for the Apache Tomcat installation such as:
Linux: /opt/netiq/idm/apps/tomcat
Windows: C:\netiq\idm\apps\tomcat
Ensure that you configure TLSv1.2 or TLSv1.1 for https communication. For more information, see SSL/TLS Configuration How-To
.
Record the installation path for Apache Tomcat to use when installing Identity Governance, OSP, and Identity Reporting.
When you make configuration changes for Identity Governance, you must restart or stop and restart Apache Tomcat to have the changes take effect. If you used the installation scripts we provided to install Apache Tomcat, you use different commands to restart Apache Tomcat. For more information, see Section B.1, Stopping, Starting, and Restarting the Apache Tomcat Service.
Use the following information to start, stop, and restart Apache Tomcat on Linux or Windows servers.
Access the installation directory of Apache Tomcat from the command line.
Linux: CATALINA_HOME/bin
Windows: CATALINA_HOME\bin
To start Apache Tomcat, enter the following at the command line:
Linux: ./startup.bin
Windows: startup.bat
To stop Apache Tomcat, enter the following at the command line:
Linux: ./shutdown.sh
Windows: shutdown.bat