Kronodoc Web Servers

Kronodoc installs the Apache Web server in the httpd directory (in the Kronodoc installation directory) by default. The web server is configured during the installation process. Kronodoc does not provide tools for reconfiguring the web server — it must be done manually if necessary.

On most computers you can even install and run more than one Web server simultaneously (each with its own Kronodoc installation) provided that there is enough memory and they do not try to use the same IP address and port number.

The basic configuration for accessing the Kronodoc web server are configured first.

httpd shared libraries have already been installed.

Answer yes to the next question to use SSL-encrypted network traffic between Kronodoc and browsers. The rest of the questions related to the SSL setup are asked at the end of the web server setup.

Do you want to use SSL (Secure Socket Layer) in all network traffic [yes]? yes

The installation script verifies that it knows the host name of your Web server machine. In most situations the host name of the computer can be automatically determined. If your server has several network interfaces (real or virtual) you can specify here which one Kronodoc will be listening to. You should nevertheless check the answer carefully.

The default host name should be complete with the domain name. If the domain is missing or the default is in other ways inaccurate, you will have to type the host name in yourself. You can also give an alias host name known to the name servers.

What is the host name of the Krono Web server to be used [default krono.company.com]? krono.company.com

The email address of the Web server administrator will be used as the contact address to the Webmaster of the system.

What is the email address of your server administrator [default kronodoc@krono.company.com]? kronodoc@company.com

In most cases, the port number needs to be changed only when there is already another Web server using the default port, or when the connections must be made through a non-standard port because of security reasons.

The following port number must be larger than 1023
unless you start the Web server as root
Which port number do you want to use for Kronodoc [default 443]? 8088

Note that you are allowed to use a port number below 1024 only if you are going to start the Web server as root. If you run the installation script as a regular user, you will be reminded of this.

In case the selected port is registered for use on some specific service, the installer asks to reconfirm if this is intended. The port number is checked against those listed in /etc/services and will trigger false alerts easily when not using the default port.

radan-http      8088/tcp                        # Radan HTTP
radan-http      8088/udp                        # Radan HTTP
According to /etc/services, port number 8088 may already be in use.
Do you still want to use it for Kronodoc [no]? yes

The network address the Kronodoc server is bound to can be limited with this configuration. If only one installation on a specific port (e.g. 443) on the server is necessary, the "ALL" option is safe. However, if it is necessary to run multiple Kronodoc installations on the same server using the same port number but different IP addresses, then each must be bound to their own address only — otherwise there is a conflict and only one installation can be run at a time.

What network address should Kronodoc Web server listen [default krono.server.com; ALL for all available interfaces; hostname:port for a specific port]? ALL

The number of Kronodoc processes configured limits the number of Kronodoc operations that can be run concurrently. This number can be used to fine tune system resource use. The optimum value depends on the number of simultaneous users and the system memory available.

How many Kronodoc server processes do you want to run [default 1]? 3

If SSL was configured to be used, the ciphers can be configured here. Signed SSL-certificates may also be installed by hand afterwards.

If you answer yes to the next question, low security 64-bit cipher strength can be used in addition to more secure higher (128-bit) cipher strength.

Do you want to be able to use low security ciphers (NOT RECOMMENDED) [no]? no

To configure the Web server properly you need an SSL certificate.

If you cannot provide your own certificates at the time of the installation, the default Kronodoc certificate files will be used. Unless the installation is for demo or test purposes, you need to obtain certificate file for your installation.

Signed certificate files may be manually installed afterwards. The certificates must be separately acquired and put into the installer directory; here the files myserver.crt and myserver.key.

Do you have your own SSL certificate files [no]? yes
What is your certificate request file [nothing to use default files]? myserver.crt
What is your signed certificate file [nothing to use default files]? myserver.key

Finalizing the web server configuration.

Web server successfully installed