As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

Windows Enterprise Setup

Owned by RamyaVetrivel (Unlicensed)
Last updated: Apr 18, 2022 by Daniel ColonVersion comment
4 min read

You will learn

How to install and configure ThreadFix on Windows. While currently ThreadFix supports Windows 2012 R2 and newer, these instructions were developed and tested against Windows Server 2016.

Prerequisites

Audience: IT Professional and/or End User
Difficulty: Intermediate
Time needed: Approximately 60 minutes
Tools required: OpenJDK 8, latest version of OpenJDK 11 or Oracle Java 8, latest version of Tomcat 8.5, MySQL or Microsoft SQL Server

Install Java

OpenJDK 11

ThreadFix version 2.7.9 and newer can run on OpenJDK 11 (version 11.0.5 or newer), OpenJDK 8, or Oracle Java 8, shown in the sections below.

  1. Download the 'x86 64-bit' version of the JRE zip file here (e.g., zulu11.48.21-ca-jre11.0.11-win_x64.zip).

  2. Extract the zip file to a desired location (e.g., C:\openjdk11).

  3. Create a new System variable called JAVA_HOME and for the value, enter the path above, where you extracted the zip file.

  4. Edit your Path System variable... add %JAVA_HOME%\bin to the end.

  5. Verify the default version of Java by running the following in a Command Prompt: java -version

OpenJDK 8

ThreadFix version 2.7 and newer can run on OpenJDK 8 (or Oracle Java 8, shown in the next section).

  1. Download the 'x86 64-bit' version of the JRE zip file here (e.g., zulu8.54.0.21-ca-jre8.0.292-win_x64.zip).

  2. Extract the zip file to a desired location (e.g., C:\openjdk8).

  3. Create a new System variable called JAVA_HOME and for the value, enter the path above, where you extracted the zip file.

  4. Edit your Path System variable... add %JAVA_HOME%\bin to the end.

  5. Verify the default version of Java by running the following in a Command Prompt: java -version

Oracle Java 8

ThreadFix version 2.6.2 and older requires Oracle Java 8 JRE (version 1.8.0_162 or higher).

  1. Download the latest version of the Java 8 JRE installer here.

  2. Click the Windows x64 installer to download (e.g., jre-8u202-windows-x64.exe).

  3. Run the executable once it downloads and accept defaults.

  4. Create a new System variable called JAVA_HOME and for the value, enter your JRE install path (e.g., C:\Program Files\Java\jre1.8.0_202).

  5. Edit your Path System variable... add %JAVA_HOME%\bin to the end.

  6. Verify the default version of Java by running the following in a Command Prompt: java -version 

Install and Configure Tomcat 8.5

Download and Install

ThreadFix recommends the latest version of Tomcat 8.5. Note versions prior to 8.5.78 are not recommended due to security exploit CVE-2022-22965.

In order to provide enough memory to the Java process, it is important that the 64-bit versions of both Java and Tomcat are used.

  1. Download the latest version of Tomcat 8.5 here.

  2. Scroll down to the 8.5.x versions, and download 32-bit/64-bit Windows Service Installer under the Core link.

  3. Run the installer and accept all defaults except at the end: disable the checkbox to run Tomcat when clicking Finish.

Web.xml Update

For compatibility with Tomcat 8.5.43 and newer, make the following update:

Open the <tomcat-deploy>\conf\web.xml file in a text editor (run as Administrator) and edit the default servlet as follows:

  • OLD

<servlet>     <servlet-name>default</servlet-name>     <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>     <init-param>         <param-name>debug</param-name>         <param-value>0</param-value>     </init-param>     <init-param>         <param-name>listings</param-name>         <param-value>false</param-value>     </init-param>     <load-on-startup>1</load-on-startup> </servlet>

  • NEW

<servlet>     <servlet-name>default</servlet-name>     <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>     <init-param>         <param-name>debug</param-name>         <param-value>0</param-value>     </init-param>     <init-param>         <param-name>listings</param-name>         <param-value>false</param-value>     </init-param>     <init-param>         <param-name>fileEncoding</param-name>         <param-value>UTF-8</param-value>     </init-param>     <load-on-startup>1</load-on-startup> </servlet>

(Note that the above adds the fileEncoding parameter and sets its value to UTF-8.)

Configuration

  1. Launch the Configure Tomcat application.

  2. Select the Log On tab and change the default service logon to Local System account, if not already set (it may default to Local Service account instead). If you need to use a domain user instead, e.g., for Windows Authentication access to MS SQL Server, click Windows SQL Server Configuration for instructions.

     

  3. Select the Java tab and update the following (see screenshot below):

    • Java Virtual Machine: %JAVA_HOME%\bin\server\jvm.dll

    • Java Options: -XX:+UseG1GC

    • Initial Memory Pool: 2048

    • Maximum Memory Pool: 8192 (or higher if wanting to allocate more memory)

       

  4. Click Apply. Go back to the General tab and ensure the Service Status is Stopped; if not, click the Stop button.

  5. Once the process stops, you may move on to database setup.

SSL/TLS Implementation

For information on configuring Tomcat to run over SSL/TLS, refer to the following article.

Install and Configure the Database

Install ThreadFix

 

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.