Installation checklist

Before you install the Operations Center, you must verify certain information, such as the installation credentials, and you must determine the input to provide to IBM® Installation Manager for the installation.

The following checklist highlights the information that you must verify or determine before you install the Operations Center, and Table 1 describes the details of this information:

Verify the host name for the computer where the Operations Center will be installed.
Verify the installation credentials.
Determine the Operations Center installation directory, if you do not want to accept the default path.
Determine the IBM Installation Manager installation directory, if you do not want to accept the default path.
Determine the port number to be used by the Operations Center web server, if you do not want to accept the default port number.
Determine the password for secure communications.
Determine whether secure communications must comply with the National Institute of Standards and Technology (NIST) Special Publications (SP) 800-131A recommendation.

Table 1. Information to verify or determine before you install the Operations Center
Information	Details
Host name for the computer where the Operations Center will be installed	The host name must meet the following criteria: It must not contain double-byte character set (DBCS) characters or the underscore character (`_`). Although the host name can contain the hyphen character (`-`), it cannot have a hyphen as the last character in the name.
Installation credentials	To install the Operations Center, you must use the following user account: root Administrator
Operations Center installation directory	The Operations Center is installed in the ui subdirectory of the installation directory. The following path is the default path for the Operations Center installation directory: /opt/tivoli/tsm For example, if you use this default path, the Operations Center is installed in the following directory: `/opt/tivoli/tsm/ui` c:\Program Files\Tivoli\TSM For example, if you use this default path, the Operations Center is installed in the following directory: `c:\Program Files\Tivoli\TSM\ui` The installation directory path must meet the following criteria: The path must contain no more than 128 characters. The path must include only ASCII characters. The path cannot include non-displayable control characters. The path cannot include any of the following characters: `% \| < > ' " $ & ; *`
IBM Installation Manager installation directory	The following path is the default path for the IBM Installation Manager installation directory: /opt/IBM/InstallationManager C:\Program Files\IBM\Installation Manager
Port number that is used by the Operations Center web server	The value for the secure (https) port number must meet the following criteria: The number must be an integer in the range 1024 - 65535. The number cannot be in use or allocated to other programs. If you do not specify a port number, the default value is `11090`. Tip: If you later do not remember the port number that you specified, refer to the following file, where `installation_dir` represents the directory where the Operations Center is installed: `installation_dir`/ui/Liberty/usr/servers/guiServer/bootstrap.properties `installation_dir`\ui\Liberty\usr\servers\guiServer\bootstrap.properties The bootstrap.properties file contains the IBM Spectrum Protect™ server connection information.
Password for secure communications	The Operations Center uses Hypertext Transfer Protocol Secure (HTTPS) to communicate with web browsers. When you install the IBM Spectrum Protect server and the Operations Center, the default configuration requires secure communication between the server and the Operations Center. To secure communication, you must add the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) certificate of the hub server to the truststore file of the Operations Center. The truststore file of the Operations Center contains the certificate that the Operations Center uses for HTTPS communication with web browsers. During installation of the Operations Center, you create a password for the truststore file. When you set up SSL/TLS communication between the Operations Center and the hub server, you must use the same password to add the certificate of the hub server to the truststore file. The password for the truststore file must meet the following criteria: The password must contain a minimum of 6 characters and a maximum of 64 characters. The password must contain at least the following characters: One uppercase letter (A – Z) One lowercase letter (a – z) One digit (0 – 9) Two of the following non-alphanumeric characters: ~ ! @ # $ % ^ & * _ - + = ` \| `( ) { } [ ] : ; < > , . ? /`
NIST SP800-131A compliance mode	When you install the Operations Center, you can specify whether NIST SP800-131A compliance is required, and the level of compliance. Before you install the Operations Center, determine if you want strict SP800-131A compliance, transitional SP800-131A compliance, or if you do not need to comply with the recommendation. If you enable SP800-131A compliance, stronger cryptographic keys and algorithms are used for HTTPS communication between the Operations Center and the web browsers. There are two compliance modes: transition and strict. Both modes enable the web server to secure HTTPS communication by using the Transport Layer Security (TLS) 1.2 protocol. In transition mode, however, TLS 1.0 or TLS 1.1 are allowed if the web browser is not enabled for TLS 1.2. In strict mode, full SP800-131A compliance is enforced, and the web browser must have TLS 1.2 enabled to run the Operations Center. If you do not enable SP800-131A compliance, HTTPS communication is secured by less-complex cryptography. However, processor usage and network latency might be reduced. Requirement: If you specify strict SP800-131A compliance, the web browser must support TLS 1.2, and TLS 1.2 must be enabled. Restrictions: You cannot change the SP800-131A compliance mode after installation. To change this setting you must uninstall and reinstall the Operations Center. This installation option is available only when you use the Install function of the IBM Installation Manager. This option is not available when you use the Update function. If you have an earlier version of the Operations Center installed and you want to enable SP800-131A compliance, you must uninstall and reinstall the Operations Center. Remember: The SP800-131A compliance option applies only to the Operations Center communication with web browsers. To fully enable SP800-131A compliance, you must configure IBM Spectrum Protect components in your environment individually. To secure communications between the Operations Center and the hub server, you can add the SSL certificate of the hub server to the truststore file of the Operations Center. For SP800-131A compliance, the cert256.arm certificate must be the default certificate on the hub server, you must copy this certificate to the truststore file of the Operations Center.