Installing the Stormshield KMaaS via RPM

• 4 processors and one thread per processor
• 4 GB of memory
• 20 GB of storage

If you want to improve performance, add the following resources in this order:

1. Threads for each processor,
2. Processors,
3. Instances in the cluster.

Each supported version of the operating system is compatible with specific versions of OpenSSL and NodeJS. Please check the compatibility in the table below:

Install and activate a RedHat Enterprise Linux distribution version 8.10 or 9.6 based on the version of the RPM delivered by Stormshield.

For more information, refer to the RedHat 8 documentation or the RedHat 9 documentation.

It is imperative to follow the operating system security recommendations issued by the ANSSI in their document ANSSII-BP-028-EN.

You can install all dependencies offline on your operating system. To do so:

1. Get the RPM of the dependency.

2. Copy it on your machine.

3. Install it by running the command:
   rpm -i

• OpenSSL v1.1.1 is supplied by default with RedHat Enterprise Linux 8.10. You must manually install OpenSSL 3 using the commands below. Stormshield recommends using the EPEL repository.
  
  

  
  # subscription-manager repos --enable codeready-builder-for-rhel-8-$(arch)-rpms
  
  # dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
  
  # dnf install openssl3
  
  # ln -b -s /usr/bin/openssl3 /usr/bin/openssl
  
  # ln -b -s /usr/lib64/libssl.so.<openssl_version> /usr/lib64/libssl.so
  
  # ln -b -s /usr/lib64/libcrypto.so.<openssl_version> /usr/lib64/libcrypto.so
  
  # ln -b -s /usr/include/openssl3/openssl /usr/include/openssl

  
  where <openssl_version> must be replaced by the OpenSSL version installed, for example 3.2.2.

• OpenSSL v3.2.X is supplied by default with RedHat Enterprise Linux 9.0. Install OpenSSL using the following command:
  # yum install openssl

1. Install the package using the following commands:

   • For RedHat 8:
     # curl -fsSL https://rpm.nodesource.com/setup_20.x | bash -# dnf install -y nodejs

   • For RedHat 9:
     # dnf module install nodejs:20

2. Check that NodeJS has indeed been installed with the following command:
   # node --version

Ensure that the NodeJS autorun has been enabled.

This command will install the latest version of NodeJS 20. The version 4.5 of the Stormshield KMaaS has been tested with NodeJS 20.16.0.

With ReHat 9, if Node.js is installed as instructed above, it uses a dynamic link with the libcrypto and libssl libraries of OpenSSL. It automatically gets the latest security patches provided by RedHat.

To install the Stormshield KMaaS, you must be a root user of the RedHat system.

Stormshield recommends that the server on which the Stormshield KMaaS is installed has a multi-core processor with a minimum of 4 cores.

1. Copy the cse-4.5.x.xxx-redhatx.x86_64.rpm.rpm file on the system.
2. Run the following command: 
   # rpm -i <package_name>.rpm

If NodeJS was not installed beforehand, this error message will appear:

error: Failed dependencies : nodejs is needed by csexxx

The following folders and files will be installed: