Skip Navigation
  1. BlackBerry Docs
  2. CylanceON-PREM
  3. Cylance ONPREM Administration Guide
  4. Configuring the CylanceON-PREM virtual appliance
  5. Configure CylanceON-PREM databases

Configure
CylanceON-PREM
 databases

This task is for all
CylanceON-PREM
 instances, either DHCP or Static IP. This example uses
VMware vSphere
.
  1. Start the
    CylanceON-PREM
     virtual appliance. In
    VMware vSphere
    , click the
    Power On
     icon, or select
    Actions > Power > Power On
    .
  2. Open a web browser and go to https://<
    fqdn
    >. Replace <
    fqdn
    > with the fully qualified domain name (FQDN) from the DNS entry, such as https://login.onprem.com. For a web browser, use a system that can communicate with the
    CylanceON-PREM
     virtual appliance.
  3. Fill out the form to generate a CSR from
    CylanceON-PREM
     to submit to a CA to use with the
    CylanceON-PREM
     virtual appliance and click
    Generate CSR
    . This creates a
    cert_request.csr
     file in the downloads folder that can be sent to a Certificate Authority (CA) to receive an SSL certificate. If you click
    Generate CSR
     again, a new private key will be generated and you will need to provide the latest CSR to the Certificate Authority. If you are using an SSL certificate and key generated on a computer other than
    CylanceON-PREM
    , continue to step 4.
    Item
    Description
    Common Name
    The common name is derived from the FQDN for the virtual appliance. For example, if the FQDN is https://onprem.cylance.com, then the common name is onprem.cylance.com.
    Subject Alternative Name
    Enter any alternative names to use for the virtual appliance, such as onprem-alt.cylance.com. The common name will be added automatically as a subject alternative Name. Click
    Add
     after typing an alternative name to add it.
    Organization Name
    Enter the legal name of the organization.
    Organizational Unit
    This could be a department name.
    City
    Enter the city where the organization is located.
    State/ Province
    Enter the state of province where the organization is located. Do not use an abbreviation.
    Country
    Enter the two letter ISO abbreviation for the country.
  4. Click
    Upload Cert and Key
    . For more information on certificate guidelines, refer to the Certificate Guidelines.
  5. On the
    Webserver Configuration
     page, in the
    Hostname
     field, enter the FQDN (Common Name) or Subject Alternative Name for the virtual appliance. The FQDN must match the DNS entry. For example, the FQDN/ Common name could be login.onprem.com or onprem.com.
  6. Drag the SSL Certificate to the
    Upload Certificate
     box or click
    Browse for a file
     and select the certificate. If you generated the CSR using
    CylanceON-PREM
    , you do not have to upload a private key and skip the remaining steps below and continue to Step 7. If you generated a CSR on a different computer, upload a Private Key.
    1. Enable the
      Upload Private Key
       toggle.
    2. Drag the private key to the
      Upload Key
       box or click
      Browse for a file
       and select the private key. If your CA provides you a .pfx file (combined site certificate and private key), the CA will need to separate it into two separate files. In addition, the private key file cannot be password protected.
  7. Click
    Save and Continue
    . This will configure the SSL on the virtual appliance.
  8. Consult the table below an choose a database option. Setting up, maintaining, and troubleshooting an external database is not supported. Organizations must have a dedicated database administrator (DBA) for configuring and maintaining their database.
    Item
    Configuration
    Database connection settings disabled
    No configuration required
    Database connection settings are enabled
    1. Enter the hostname or IP address for the external database. For example,
      database.com
      or
      123.45.67.89
    2. Enter the port number for the external database. for example,
      5432
    3. Enter the database user name and password.
      This database user must be able to add tables to the database.
    4. Enable TLS/SSL to use an SSL connection to the external database. If TLS/SSL is enabled, you can also specify the following: Enable Verify Peer Mode to authenticate the external Postgres DB server certificate, and the communications channel is encrypted. Verify Peer Mode=disabled means
      CylanceON-PREM
       will not authenticate the external Postgres DB server certificate but the communications are still encrypted.
      • Click
        Install Postgres SSL Certificate
        , then drag the certificate file to the Install Postgres SSL Certificate dialog box or click
        Browse for a file
         and select the certificate.
      • Click
        Install Certificate
        .
    5. Click
      Test Connection
       to ensure the virtual appliance can communicate with the database.
    6. Click
      Save and Continue
      .
  9. Type in your login information, then click
    Save and Finish
     and the login screen will display. This user will be added as an Administrator in your
    CylanceON-PREM
     Console.