📙 You will learn
How to install and configure ThreadFix on CentOS. While these instructions should apply to RHEL as well, the following instructions were developed and tested against CentOS 7.
Prerequisites
Audience: IT Professional and/or End User
Difficulty: 
Intermediate
Time needed: Approximately 60 minutes
Tools required: OpenJDK 11 or OpenJDK8 or Oracle Java 8, at least Tomcat 7.0.59, MySQL or Microsoft SQL Server
Install Java
ThreadFix 2.7.9 and newer can run on OpenJDK 11 (or Oracle Java 8 / OpenJDK 8, shown in the sections below). To check the currently-installed version, run the java -version command.
OpenJDK 11
If you don't have OpenJDK 11 installed, you can install it by running the following command:
sudo yum install java-11-openjdk
If you have multiple JDKs installed, run the sudo alternatives --config java command and select the version installed above.
OpenJDK 8
If you don't have OpenJDK 8 installed, you can install it by running the following command:
sudo yum install java-1.8.0-openjdk
If you have multiple JDKs installed, run the sudo alternatives --config java command and select the version installed above.
Oracle Java 8
To deploy versions of ThreadFix 2.6.2.6 and older, visit the Oracle JDK download page here and look for the .rpm version of the Linux x64 distribution. Copy the download link and wget it.
Example wget command to download the jdk-8u192-linux-x64.rpm file:
wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "https://download.oracle.com/otn-pub/java/jdk/8u192-b12/750e1c8617c5452694857ad95c3ee230/jdk-8u192-linux-x64.rpm"
Install with yum localinstall.
Example using the file downloaded above:
sudo yum localinstall jdk-8u192-linux-x64.rpm
The JDK should be installed at /usr/java/<jdk-version> (e.g., /usr/java/jdk1.8.0_192). You can verify the install using the java -version command. If you have multiple JDKs installed, run the sudo alternatives --config java command and select the version installed above.
Install and Configure Tomcat 8
ThreadFix requires at least Tomcat 7.0.59, but we recommend the latest version of Tomcat 8.5.
Download the latest version of Tomcat 8.5.
For the current version of ThreadFix, apt-get is not recommended for installing Tomcat. Getting the latest version of Tomcat 8.5 directly with wget is the preferred method. The link to the tarball is provided by the official Apache Tomcat site and it is a mirror site hosting the most recent version.
wget http://mirrors.advancedhosters.com/apache/tomcat/tomcat-8/v8.5.57/bin/apache-tomcat-8.5.57.tar.gz
If the above command doesn't work, the download may have been moved/updated. Browse to https://tomcat.apache.org/download-80.cgi to determine the most recent version available.
Create a directory to install Tomcat, then extract the tar ball there
sudo mkdir /opt/tomcat sudo tar xvf apache-tomcat-8*tar.gz -C /opt/tomcat --strip-components=1
Create a group and user to manage the Tomcat execution.
sudo groupadd tomcat sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Web.xml Update
For compatibility with Tomcat 8.5.43 and newer, make the following update:
Open the <tomcat-deploy>/conf/web.xml file in a text editor with elevated privilege and edit the default servlet as follows:
OLD
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
NEW
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>fileEncoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
(Note that the above adds the fileEncoding parameter and sets its value to UTF-8.)
Enable Tomcat Service
If you want tomcat to run as a service that you can have start automatically at boot, the preferred method is using systemd. Create a file at /etc/systemd/system/tomcat.service with the following content. CentOS systemd Tomcat Service:
# Systemd unit file for tomcat [Unit] Description=Apache Tomcat Web Application Container After=syslog.service network.target [Service] Type=forking Environment=JAVA_HOME=/usr Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat Environment='CATALINA_OPTS=-Xms2G -Xmx8G -server -XX:+UseParallelGC' Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom' ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/bin/kill -15 $MAINPID User=tomcat Group=tomcat UMask=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
Reload Systemd to load the Tomcat unit file and enable the tomcat.service.
sudo systemctl daemon-reload sudo systemctl enable tomcat.service
SSL/TLS Implementation
For information on configuring Tomcat to run over SSL/TLS, refer to the following article.
Install and Configure the Database
To install and configure MySQL, refer to the CentOS MySQL Installation and Configuration page.
To install and configure Microsoft SQL Server, refer to the Windows SQL Server Configuration page.
Install and Configure ThreadFix
Once you've followed the steps above, you're ready to install ThreadFix. Please see the ThreadFix Installation guide to complete your deployment.
Related articles
Table of content
https://threadfix.it/ | www.denimgroup.com
© Copyright 2020 Denim Group, LTD. All Rights Reserved.