Configuring the PEM Server on Linux Platforms

Before configuring the PEM server, ensure that the sslutils extension and hstore contrib module is installed for your backing database.

  • For an Advanced Server backing database, sslutils extension and hstore contribe module iare by default installed along with Advanced Server.

  • For a PostgreSQL backing database, ensure you have access to the PostgreSQL community repository, and then install sslutils extension and hstore contrib module using the command:

    yum install sslutils_<x> postgresql<X>-contrib
    

Where, x is the server version.

The PEM server package includes a script (configure-pem-server.sh) to help automate the configuration process for Linux Platform installations. The script is installed in the /usr/edb/pem/bin directory. To invoke the script, use the command:

/usr/edb/pem/bin/configure-pem-server.sh

When invoking the script, you can include command line options to specify configuration properties; the script will prompt you for values that you omit on the command line. The accepted options are:

Option

Description

-acp

Defines PEM Agent certificate path. The default is /root/.pem.

-ci

CIDR formatted network address range that Agents will connect to the server from, to be added to the server’s pg_hba.conf file. For example, 192.168.1.0/24. The default is 0.0.0.0/0.

-dbi

The directory for the database server installation. For example, /usr/edb/as12 for Advanced Server or /usr/pgsql-12 for PostgreSQL.

-ds

The unit file name of the PEM database server. For Advanced Server, the default file name is edb-as-12; for PostgreSQL, it is postgresql-12.

-ho

The host address of the PEM database server.

-p

The port number of the PEM database server.

-ps

The service name of the pemagent; the default value is pemagent.

-sp

The superuser password of the PEM database server. This value is required.

-su

The superuser name of the PEM database server.

-t

The installation type: Specify 1 if the configuration is for web services and backing database, 2 if you are configuring web services, or 3 if you are configuring the backing database. If you specify 3, please note that the database must reside on the local host.

-un

To unregister the PEM Server.

If you do not provide configuration properties on the command line, you will be prompted for values by the script. When you invoke the script, choose from:

1. Web Services and Database - Select this option if the web server and database both reside on the same host as the PEM server.

2. Web Services - Select this option if the web server resides on a different host than the PEM server.

3. Database - Select this option to configure the PEM backing database for use by the PEM server. Please note that the specified database must reside on the local host.

Note

If the web server (PEM-HTTPD) and the backing database (PEM Server) reside on separate hosts, configure the database server first (option 3), and then web services (option 2). The script will exit if the backing database is not configured before web services.

After selecting a configuration option, the script will proceed to prompt you for configuration properties. When the script completes, it will create the objects required by the PEM server, or perform the configuration steps required. 1 To view script-related help, use the command:

/usr/edb/pem/bin/configure-pem-server.sh -help

After configuring the PEM server, you can access the PEM web interface in your browser. Navigate to:

https://<ip_address_of_PEM_server>:8443/pem