1. Installation setup
System requirements
Please check the following requirements before installing Visual Guard Identity Server.
Visual Guard 2024.0
- Operating System: Windows Server 2012, 2016, 2019, 2022
- Hard Drive: 512 GB to 1 TB – Fast drive recommended, ideally SSD
- CPU: 4 core min – 3 Ghz or higher
- RAM: 8 GB
- Software:
- Web browser with JavaScript support.
- .Net 8 ,you can download the hosting bundle from the ASP.NET Core Runtime 8.0.7 section from the official Microsoft website. (https://dotnet.microsoft.com/en-us/download/dotnet/8.0)
- IIS with the necessary Windows features should be installed as described below.
- VGRepository
- Require SQL Server 2012 or later, with a minimum of the Standard Edition.
- Require Oracle Database with Oracle9i or later. Please ensure the Oracle Driver is installed.
- Install the VGIdentityServerSetup. [Link available in the table above]
- Doing so, will create a ‘VisualGuardIdentityServer’ website.
- It will also create an application pool ‘AspNetCore’ ‘with – .Net CLR Version – “No Managed Code”.
(If not created, please create it manually)
- Check the list of websites, select ‘VisualGuardIdentityServer’.
Go to ‘Advanced Settings’, and select application pool – ‘AspNetCore’. - Check ‘permissions’, and assign full permissions to ‘IIS_IUSRS’.
- Check the application root path.
Select ‘web.config’ , please make sure it contains the following values:
<aspNetCore processPath="dotnet" arguments=".\Novalys.VisualGuard.Tools.VGIdentityServer.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdosut">
<environmentVariables />
</aspNetCore>
Private mode Communication
- Windows Server 2022 Build 20348 or later.
SQL Server settings
To provide appropriate login rights to create a new repository, follow the below steps to be configured in the SQL server platform.
Step 1: Go to the user properties in the SQL server, select master under the default database –> Click OK
Step 2: Under the user properties, select Server roles –> Select dbcreator and public to provide roles rights –> Click OK
Installation Steps
Step 1: Download Visual Guard Identity Server setup and follow the installation wizard
Step 2: Enter the required information, Site, Application pool and click Next
Step 3: Installation process will begin
Step 4: Once installation is complete, you will be notified with a message confirming the successful setup. Please click “Close” to exit the setup.
Once the installation is complete, Go to the installation folder that is created automatically –> open the folder –> Right click on the IdentityServer folder and select properties –> Click on Security section –> Add IIS_IURS if not added –> Click on IIS_IURS –> ensure to allow the below mentioned permissions –> Click OK
1.1 How to migrate from VGServer ?
The VGServer has been replace by Visual-Guard Identity Server.
VG Identity Server works with the bearer Token, the VGToken, which is contained inside of the claims.
We need to authenticate from VG Identity Server
The API has been updated.
Please refer to the following list to find out how to update the API:
- /Security/Principal/GetIdentity replace by /api/Principal/GetIdentity
- /Security/GetRoles replace by /api/Principal/GetCurrentRoles
- /Security/IsInRoleByName/ replace by /api/Principal/IsInRoleByName
- /Security/HasPermissionByName/ replace by /Security/HasPermissionById/
- /Security/GetPermissions replace by /api/Principal/GetCurrentPermissions
1.2 Configure HTTPS Binding
HTTPS binding is the configuration that allows a website hosted on a web server, like Microsoft IIS (Internet Information Services), to use the HTTPS protocol. HTTPS stands for Hypertext Transfer Protocol Secure, and it ensures that data transmitted between the web server and the client (like a web browser) is encrypted and secure from eavesdropping or tampering.
When you set up HTTPS binding in IIS, you’re telling the web server to listen for HTTPS requests on a specific IP address and port (usually port 443). This binding also requires an SSL/TLS certificate, which is used to encrypt the data. The certificate is linked to the binding, ensuring that any request to the site using HTTPS will be securely transmitted.
HTTPS binding is a key configuration step in securing web applications by enabling encrypted communication between the server and clients.
To configure an IIS website for HTTPS binding with a certificate specifically for the Visual Guard Identity Server, follow these steps:
1. Obtain an SSL Certificate
- Ensure you have a valid SSL certificate issued by a trusted Certificate Authority (CA). This certificate must include both the public and private keys.
2. Install the SSL Certificate on the Server
- Open IIS Manager on the server where Visual Guard Identity Server is installed.
- In the left-hand Connections pane, click on the server name.
- Double-click on Server Certificates in the middle pane.
- In the Actions pane on the right, click Import if you have the .pfx file or Complete Certificate Request if you have a .cer file.
- Browse to your certificate file, provide any required password (for .pfx), and complete the import process.
3. Configure HTTPS Binding for Visual Guard Identity Server
- In IIS Manager, expand the server node, then expand Sites, and select Visual Guard Identity Server site.
- Click on Binding in the right-hand Actions pane under Edit Site.
- In the Site Bindings window, click Add.
- In the Add Site Binding dialog:
- Type: Select https.
- IP address: Choose the appropriate IP address or leave it as All Unassigned.
- Port: Enter 443 (default port for HTTPS).
- Host name: Optionally specify the hostname if applicable.
- SSL certificate: Select the SSL certificate you imported earlier.
- Click OK to add the binding.
4. Enforce HTTPS on Visual Guard Identity Server (Optional)
- Select the Visual Guard Identity Server site in IIS Manager.
- Double-click SSL Settings in the feature view.
- Check the box labeled Require SSL to enforce HTTPS.
- Click Apply in the Actions pane on the right.
5. Restart the IIS Services
- After configuring HTTPS binding, restart IIS to apply the changes. Select the server node in IIS Manager and click Restart in the Actions pane.
6. Test the Configuration
- Open a web browser and navigate to your Visual Guard Identity Server using
https://yourdomain.com/identityserver
. Ensure that the connection is secured by the certificate and that the site loads correctly over HTTPS.
By following these steps, you will ensure that the Visual Guard Identity Server is properly configured to use HTTPS, securing communication between users and the web application.