Installing and Upgrading
The MSS Administrator Console help has information on Product Activation.
Keep these things in mind when installing:
Activation files (activation.jaw) are used to enable product functionality. For example, the install package contains the needed activation file to enable communication between Host Access for the Cloud and MSS. It is typically activated as part of the install process. Activation files are downloaded from the Micro Focus download site and are specific for the different editions and platforms supported by Host Access for the Cloud. To work in a production environment, activation is required.
If activation was not part of the installation, you need to open the Administrative Console and complete the activation process (Configure Settings > Product Activation). See Upgrading from previous versions for information on handling activation files when you upgrade.
IIS Reverse Proxy with Host Access for the Cloud
If you plan on using the IIS Reverse Proxy, read Accessing Host Access for the Cloud using the IIS Reverse Proxy for prerequisites and configuration instructions.
Host Access for the Cloud supports TLS and SSH protocols to protect mission-critical data. To secure your passwords and other sensitive data, you should require browsers to use the HTTPS protocol.
It is advantageous from a security perspective to run services as a dedicated user with a minimal set of privileges. This is known as the principal of least privilege.
On Linux you should install HACloud and MSS as a dedicated (non-root) user with reduced privileges.
On Windows you must first install the product, and then adjust the system to run the session server service as a dedicated user with reduced privileges. See Running the Session Server Service as a Dedicated User with Reduced Privileges for instructions.
Installing on different platforms
Host Access for the Cloud and Java
Both the session server and MSS require Java version 11. This Java requirement is met during installation, except for systems, such as Linux on System Z that require an IBM JDK. Information on using the nojdk option is available under Installing on z/Linux.
Host Access for the Cloud and MSS require that the Java installation support unlimited strength encryption. More information is available on the Java web site.
If necessary, you can use the environment variables specified in the nojdk option and INSTALL4J_JAVA_HOME_OVERRIDE to specify a specific Java installation.
When installing servers on a Windows platform, the installer must be launched by a user who is an Administrator with administrative privileges. A basic Windows installation is described in Getting Host Access for the Cloud.
- You must either install as “root” or use a user account with root privileges to complete successfully. When the installation has successfully completed, the installed application can be started and managed by “root” or someone running as ‘root”.
- If you are running on Linux platforms, follow these steps to set the session server to start automatically when your system first boots up.
- Elevated privileges are needed to open any application ports lower than 1024. Host Access for the Cloud will not start using a lower port number unless you have system privileges to open low numbered ports.
- You can use the chmod command to assign application privileges to users other than root.
- If you are installing on a headless Linux system and there are no fonts installed on the system, you may encounter this font-related error:
java.lang.Error: Probable fatal error: No fonts found. Ensure that fontconfig or at least one font is installed on the system in order to proceed with the installation.
z/Linux (SUSE E11.x and RHEL 6.x)
For systems, such as Linux on System Z, that require an IBM JDK, you can use the “nojdk” installer media, which does not include a bundled JDK.
The installation must be able to locate a Java executable to start. If a Java executable cannot be found by the installer, then you can set the INSTALL4J_JAVA_HOME environment variable to refer to a Java installation’s bin directory.
When started, the installation program will automatically search for version-compatible JDKs on the system. If more than one JDK is found, a list is displayed from which you can choose. If only a JRE is found on the system, you can continue with the installation, but the Host Access for the Cloud server will not run correctly until you have updated the
wrapper.java.commandproperty located in
sessionserver/conf/container.confto refer to a JDK installation.
If necessary, you can use the environment variables named above and INSTALL4J_JAVA_HOME_OVERRIDE to specify a specific Java installation.
Using an unattended installation
The Host Access for the Cloud installation is based on install4j technology, which supports unattended mode. Unattended installation enables you to install the product the same way on a series of computers.
To use unattended installation:
Install the session server on a machine using the automated installer. You can use the graphical interface or console mode (-c) to install the product.
The installation process creates a text file,
response.varfile, that contains the selected installation options. The file is located in [
response.varfileto another machine where you would like to install the session server.
Locate the appropriate executable to install the product. Launch the installation program using the
-qargument and a
-varfileargument that specifies the location of
For example, to install the session server on a 64-bit Linux platform with a response.varfile located in the same directory, use this command, where
<2.4.x.nnnn>is the product version and build number:
hacloud-<2.4.x.nnnnn>-linuxx64.sh –q –varfile response.varfile
You could also add the
–coption to install in console mode, which would provide feedback such as "Extracting Files" and "Finishing Installation."
Configuring an incomplete installation
When the session server is either unable to retrieve a certificate from MSS or is unable to complete the registration process, an incomplete installation can occur. Follow the steps for adding additional session servers to complete the install.
Upgrading from previous versions
If you are upgrading, it is important that you remove any activation files from MSS associated with prior versions of Host Access for the Cloud. Leaving obsolete activation files in place may result in limited access to sessions.
- Before proceeding, backup any changes you made to
- Install Host Access for the Cloud.
- Restore the files you backed up in Step One and restart the session server.
- If not handled during the installation process, install the new activation file or files into MSS using Administrative Console > Configure Settings > Product Activation.
To continue using server side events created in Reflection ZFE versions 2.3.2 or earlier, copy your server-side event JAR files located in
/microservices/sessionserver/extensions/server, and re-enable extensions.
Troubleshooting the installation
To complete a successful installation, make sure that you have taken care of these common issues:
Are the activation files installed and activated in the Administrative Console?
MSS uses activation files to enable product functionality. With your installation you received an activation file associated with the type of host you are connecting to. For example, if you are licensed for the Unisys Edition, if not handled as part of the install process, you will need to open the Administrative Console, go to Configure Settings > Product Activation and verify that the Host Access for the Cloud Unisys activation file is in place.
Is MSS configured for HTTPS?
Connect to the system where the Administrative Server is installed and log in to the Administrative Server. In the Administrative Console, open the Security Setup section and note the protocol selection.
Verify that both MSS and Host Access for the Cloud are using trusted certificates
MSS imports certificates and private keys to
C:\ProgramData\Micro Focus\MSS\MSSData\certificates. See Securing connections.
If you are not using trusted certificates, have you configured Host Access for the Cloud to run using HTTP?
Are your connection properties configured properly?
In the unlikely event that you have to verify connection information, the
container.properties file for both the management component and the session server contains the connection properties needed to make the session server to MSS connection as well as the browser to session server connection.
You can find the file in the Host Access for the Cloud installation at
Install does not complete on UNIX or Linux platforms
As a result of updated encryption libraries, customers who use headless server-based installations may experience system delays if system entropy is too low. Entropy is the randomness collected by an operating system for use in cryptography. This randomness is often collected from hardware sources, like mouse movements. Insufficient entropy may lead to the installation process hanging or degraded server performance. Some platforms already install and enable an entropy service by default, and the issue will not be noticed. If needed, a hardware or software solution can remedy the issue.
You can improve entropy generation using the Haveged tool. This is a tool to help remedy low-entropy conditions in the Linux random device, which can occur under some workloads, and especially on headless servers. See https://wiki.archlinux.org/index.php/Haveged for information on this tool.
See the Knowledge Base article, Ensuring Sufficient Entropy to Avoid System Delays.
Is the server on which you’re installing secured to prevent access to the temp directory?
See Installation fails due to server preventing access to TEMP directory under Known Issues for information on this issue.
For other known issues and troubleshooting information see Technical References.