Identity Governance uses Apache Tomcat to host and run the user interface, which allows users to access and use Identity Governance without having to install a client. You must install Apache Tomcat on the same server where you install Zulu OpenJDK and Identity Governance. Use the following information to help you install Apache Tomcat.
Review the following considerations before installing Apache Tomcat:
We highly recommend that you configure Apache Tomcat to use https with either TLSv1.2 or TLS1.1. Any prior version of TLS should not be used. For more information, see SSL/TLS Configuration How-To
.
(Conditional) If you use Linux, do not run Apache Tomcat as root. Best practice for security on Linux is to not install programs as root and use an administrator account with privileges to install products instead.
You must install Apache Tomcat on the same server that has Zulu OpenJDK installed and where you will install Identity Governance.
Ensure that you install the version of Apache Tomcat that Identity Governance requires. For more information, see Section 2.4.1, Identity Governance Server System Requirements.
Access the Apache Tomcat website and download the supported version.
Use the documentation for the supported version of Apache Tomcat to complete the installation.
(Optional) Create and use a common directory for the Apache Tomcat installation such as:
Linux: /opt/netiq/idm/apps/tomcat
Windows: C:\netiq\idm\apps\tomcat
Ensure that you configure TLSv1.2 or TLSv1.1 for https communication. For more information, see SSL/TLS Configuration How-To
.
Record the installation path for Apache Tomcat to use when installing Identity Governance, OSP, and Identity Reporting.
When you make configuration changes for Identity Governance, you must either restart, or stop and start Apache Tomcat to have the changes take effect. If you used the installation scripts we provided to install Apache Tomcat, you use different commands to restart Apache Tomcat. For more information, see Section B.1, Stopping, Starting, and Restarting the Apache Tomcat Service.