Configuring Delinea Credentials Cache on Ubuntu Linux
To configure Delinea Credentials Cache on Ubuntu Linux, you must also perform the following configuration tasks:
- Install .NET Core on Ubuntu.
- Set up Apache Tomcat as a proxy server.
The following sections describe how to perform these tasks.
In addition, you must also publish Delinea Credentials Cache on Linux. For detailed instructions, see Publish Delinea Credentials Cache on Linux.
Installing .NET Core on Ubuntu
Open the Ubuntu command prompt with root privileges and run the commands in the order listed below.
- Get the Ubuntu version:
  declare repo_version=$(if command -v lsb_release &> /dev/null; then lsb_release -r -s; else grep -oP '(?<=^VERSION_ID=).+' /etc/os-release | tr -d '"'; fi)
- Download the Microsoft signing key and repository:
  wget https://packages.microsoft.com/config/ubuntu/$repo_version/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
- Install the Microsoft signing key and repository:
  sudo dpkg -i packages-microsoft-prod.deb
- Clean up:
  rm packages-microsoft-prod.deb
- Install the ASP.NET Core runtime:
  sudo apt install aspnetcore-runtime-7.0
Setting Up Apache Tomcat as a Proxy Server for HTTP Websites
- In the Ubuntu Linux command prompt, install Apache Tomcat by running the following command:
  sudo apt install apache2
- Create the Apache Tomcat config file by running the following command:
  sudo nano /etc/apache2/sites-available/credcache.conf
- In the created config file, insert the data below and replace the file path and URLs if required:
  <VirtualHost *:80>
      ServerName your-domain.com
      ProxyPass / http://localhost:8080/
      ProxyPassReverse / http://localhost:8080/
  </VirtualHost>
- Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.
- Run the following commands to enable the proxy, proxy_http, and ssl modules:
  sudo a2enmod proxy
  sudo a2enmod proxy_http
  sudo a2enmod ssl
- Restart the Tomcat server by running the following command:
  sudo systemctl restart apache2
Setting Up Apache Tomcat as a Proxy Server for HTTPS Websites
- In the Ubuntu Linux command prompt, install Apache Tomcat by running the following command:
  sudo apt install apache2
- Install OpenSSL on the Linux computer by running the following commands:
  sudo apt-get update
  sudo apt-get install openssl
- Create an OpenSSL configuration file by running the following command:
  sudo nano /etc/ssl/openssl2.cnf
- In the created configuration file, insert the following data:
  [req]
  default_bits = 2048
  default_keyfile = localhost.key
  distinguished_name = req_distinguished_name
  req_extensions = req_ext
  x509_extensions = v3_ca

  [req_distinguished_name]
  countryName = Country Name (2 letter code)
  countryName_default = US
  stateOrProvinceName = State or Province Name (full name)
  stateOrProvinceName_default = New York
  localityName = Locality Name (eg, city)
  localityName_default = Rochester
  organizationName = Organization Name (eg, company)
  organizationName_default = localhost
  organizationalUnitName = organizationalunit
  organizationalUnitName_default = Development
  commonName = websphere-ubuntu.gamma.thycotic.com
  commonName_default = websphere-ubuntu.gamma.thycotic.com
  commonName_max = 64

  [req_ext]
  subjectAltName = @alt_names

  [v3_ca]
  subjectAltName = @alt_names

  [alt_names]
  DNS.1 = websphere-ubuntu.gamma.thycotic.com
  DNS.2 = localhost
  IP.1 = 10.60.12.156
- Also, replace the common name, DNS name (the full name of the computer, as returned by hostname -f), and IP address with the valid values for the Linux computer.
- Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.
- Generate a self-signed certificate by running the following command:
  sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -config /etc/ssl/openssl2.cnf
- Generate a self-signed certificate in .pfx format by running the following command:
  sudo openssl pkcs12 -export -out /etc/ssl/certs/selfsigned.pfx -inkey /etc/ssl/private/selfsigned.key -in /etc/ssl/certs/selfsigned.crt
- Create the Apache Tomcat configuration file by running the following command:
  sudo nano /etc/apache2/sites-available/credcache.conf
- In the created configuration file, insert the following data and replace the file path and URLs if required:
  <VirtualHost *:443>
      ServerName cyb-ubuntu.prs.thycotic.com
      SSLEngine on
      SSLCertificateFile /etc/ssl/certs/selfsigned.crt
      SSLCertificateKeyFile /etc/ssl/private/selfsigned.key
      SSLProxyEngine on
      ProxyPass / http://localhost:5000/
      ProxyPassReverse / http://localhost:5000/
  </VirtualHost>
- Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.
- Run the following commands to enable the proxy, proxy_http, and ssl modules:
  sudo a2enmod proxy
  sudo a2enmod proxy_http
  sudo a2enmod ssl
- Restart the Tomcat server by running the following command:
  sudo systemctl restart apache2
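
One way to check the certificate and key that the HTTPS virtual host above references before restarting the server. This is an added example, not Delinea's code. The function names vhost_directive and check_vhost_tls are hypothetical, and the script assumes OpenSSL 1.0.2 or later (for -checkhost) and a stat that supports -c.

```shell
# Added example (not Delinea code): check the TLS files an Apache vhost references.
# Function names are hypothetical. Assumes OpenSSL >= 1.0.2 and a stat with -c.

# Print the first value of an Apache directive (directive names are case-insensitive).
vhost_directive() {  # usage: vhost_directive <Directive> <conf-file>
    awk -v d="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" \
        'tolower($1) == d { print $2; exit }' "$2"
}

# Return 0 when every check passes, 1 otherwise; findings go to stderr.
check_vhost_tls() {  # usage: check_vhost_tls <conf-file>
    conf=$1; rc=0
    name=$(vhost_directive ServerName "$conf")
    crt=$(vhost_directive SSLCertificateFile "$conf")
    key=$(vhost_directive SSLCertificateKeyFile "$conf")
    if [ -z "$name" ] || [ ! -r "$crt" ] || [ ! -r "$key" ]; then
        echo "FAIL: ServerName, certificate or key missing or unreadable" >&2
        return 1
    fi
    # 1. The certificate's SAN/CN must cover the ServerName that clients connect to.
    if ! openssl x509 -in "$crt" -noout -checkhost "$name" 2>/dev/null \
            | grep -q 'does match'; then
        echo "FAIL: $crt does not cover ServerName $name" >&2; rc=1
    fi
    # 2. The private key must belong to the certificate (compare public keys).
    crt_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || crt_pub=
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || key_pub=
    if [ -z "$key_pub" ] || [ "$crt_pub" != "$key_pub" ]; then
        echo "FAIL: $key is not the private key for $crt" >&2; rc=1
    fi
    # 3. The certificate must still be valid one week (604800 s) from now.
    if ! openssl x509 -in "$crt" -noout -checkend 604800 >/dev/null 2>&1; then
        echo "FAIL: $crt expires within 7 days" >&2; rc=1
    fi
    # 4. -nodes writes the key unencrypted, so file permissions are its only protection.
    mode=$(stat -c %a "$key")
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $key has mode $mode (accessible to group/other)" >&2; rc=1
    fi
    return $rc
}
```

Run it as root against the file created above, for example check_vhost_tls /etc/apache2/sites-available/credcache.conf, because /etc/ssl/private is not readable by ordinary users.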