Personal tools
You are here: Home Documentation & Support Installation Documentation How to install the WiKID Community Edition 3.x
What people are saying
Contact Us
WiKID Systems, Inc.
1375 Peachtree St.
Suite 600
Atlanta, Ga. 30309
866-244-1876
irc.freenode.net: #wikid
 

How to install the WiKID Community Edition 3.x

The steps needed to install the open source version of the WiKID Strong Authentication System

Requirements

  • Postgresql
  • Sun's Java 1.5 or 1.6 JDK.

Doing the work

Please note that with the 3.x versions we have moved the commands from generic "start" and "stop" to "wikidctl start", "wikidctl stop", "wikidctl setup" etc.

  1. Install Postgresql and related 
    2. su -c yum install postgresql postgreql-libs postgresql-jdbc postgresql-server postgresql-pl
  2. Download and install the JDK. You can download the JDK from the Java site. Be sure to download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files or else the certificate generation will not work.

  3. Make sure that alternatives has the correct Java:
    4. /usr/sbin/alternatives --install /usr/bin/java java /usr/java/latest/bin/java 2
    /usr/sbin/alternatives --config java
  4. Test that the system is using the correct Java:
    5. java -version
  5. Our replication package requires compat-libstdc++-296 (and it's not yet a dependency).
    6. yum install compat-libstdc++-296
  6. The WiKID rpms require perl-libwww-perl, ntp and system-config-date
    7. # yum install ntp system-config-date perl-libwww-perl
  7. Download the WiKID rpms from Sourceforge and install them. You will need both the wikid-server-community-3.0.0beta rpm and the wikid-utility rpm. 
    8. su -c rpm -ivh wikid-*
  8. Configure your box for WiKID: 
    # /opt/WiKID/sbin/wikidserver_config.sh
  9. Reboot or run:
    10. #/opt/WiKID/conf/templates/wikid-firstboot.sh
  10. Setup the WiKID server. The WiKID token clients communicate with the WiKID via port 80 (https is not needed because the PINs and OTPs are asymmetrically encrypted, so you will need a routable IP address. If you are just testing, then just make sure that the PC running the client can get to the server. 
    11. /opt/WiKID/bin/wikidctl setup
    The script will pick up your existing network settings, walk you through them and create an SSL cert for the server.
  11. Once setup, start the server
    12. /opt/WiKID/bin/wikidctl start
  12. Go to https:///WiKIDAdmin/ to complete the set up. From here, you can follow the standard documentation. If you like short docs, I recommend the Quickstart Cheatsheet:

More Information

You may need to install the JCE Unlimited Strength Jurisdiction Policy Files to avoid the "Illegal Key Size error".

The WiKID token clients require port 80. You can use NAT, but it needs to be routable for the token clients. The following services may only need internal access based on your needs:

  • The WiKIDAdmin uses 443.
  • wAuth uses 8388
  • LDAP uses 10389
  • TACACS+ uses 49

Disclaimer

We test this stuff on our own machines, really we do. But you may run into problems, if you do, come to #fedora on irc.freenode.net

Added Reading
Start using WiKID today
Got Questions? Get Answers.