Difference between revisions of "Visimage3 Setup for Fiserv Online Clients"

From Vital Soft Wiki
Jump to: navigation, search
(New Stunnel Certificates (May 2024))
 
(15 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
=== Visimage3 Setup ===
 
=== Visimage3 Setup ===
After installing Visimage3, Fiserv Online Clients '''must also install stunnel''' which is used to encrypt all communication between Visimage3 and the host. A special Fiserv installation of stunnel can be downloaded [https://www.vital-soft.com/download/secure/software/stunnel4visimage.zip here].
+
After installing Visimage3, Fiserv Online Clients '''must also install stunnel''' which is used to encrypt all communication between Visimage3 and the host. A special Fiserv installation of stunnel can be downloaded [https://vital-soft.com/?page_id=544&product=stunnel&release=current here].
 +
 
 +
=== Connecting to Spectrum Databases via Linux ===
 +
In Q3/Q4 of 2024, Fiserv will require that all Visimage3 connections be made via a Linux server.  When the transition is complete, clients will no longer be able to connect directly to HP-UX as had been done previously.
 +
 +
Click here for more [[Visimage3 Linux Connections for Fiserv Online Clients|details]] on updating users and task scheduler jobs to use the new Linux connection.
  
 
=== New Stunnel Certificates (May 2024) ===
 
=== New Stunnel Certificates (May 2024) ===
Effective May 13, 2024, clients must install new certificate files which can be downloaded [https://vital-soft.com/?page_id=544&product=visimage&release=current here].  Follow these steps to install the certificates:
+
Effective May 13, 2024, clients must install new certificate files which can be downloaded [https://vital-soft.com/?page_id=544&product=stunnel&release=current here].  Follow these steps to install the certificates:
 
<pre>
 
<pre>
 
unzip the Stunnel_Certs_May_2024.zip file
 
unzip the Stunnel_Certs_May_2024.zip file
copy stunnel.pem and certs.pem to C:/Program Files/stunnel/config
+
copy stunnel.pem and certs.pem to C:/Program Files/stunnel
 
restart the stunnel service (or reboot your PC)
 
restart the stunnel service (or reboot your PC)
 
</pre>
 
</pre>
Line 12: Line 17:
  
 
=== Stunnel Configuration ===
 
=== Stunnel Configuration ===
Once stunnel has been installed you must edit the stunnel.conf file and modify the [VisImage Client] section.  By default, the stunnel.conf file is located in C:\Program Files\stunnel.
+
Once stunnel has been installed you must edit the stunnel.conf file and modify the [VisImage Client] section or create a new section.  By default, the stunnel.conf file is located in C:\Program Files\stunnel.
 +
 
 +
The below sample shows 3 sections for '''users wishing to have easy access to HP-UX (Prod), Linux (Prod) and Linux (Cert)'''.  This setup is '''only''' for those users who are testing and need to be able to switch between multiple connections:
  
Locate this section:
 
 
<pre>
 
<pre>
 
[VisImage Client]
 
[VisImage Client]
 +
; Prod connection to HP-UX
 
client = yes
 
client = yes
 
accept = 30501
 
accept = 30501
connect = 172.21.1.40:30502
+
connect = 100.96.0.25:30502
 +
 
 +
[VisImage Linux Prod]
 +
; Prod connection to Linux
 +
client = yes
 +
accept = 30503
 +
connect = visimage.fiservapps.com:8004
 +
 
 +
[VisImage Linux Cert]
 +
; Cert connection to Linux
 +
client = yes
 +
accept = 30504
 +
connect = visimage-cert.fiservapps.com:8004
 
</pre>
 
</pre>
*Note that 172.21.1.40 is just a sample IP address, your specific address will be different.
+
Notes:
*Change the connect IP address from 172.21.1.40 to the correct IP address of your UNIX host and save the file.
+
* Section Name:
*It should not be necessary to modify the accept or connect ports.
+
** The name of the section is not important, but must be unique
*If you have already rebooted your PC since installing stunnel, stop and restart the stunnel service. Otherwise reboot.
+
* Accept Port:
 +
** The port must be different in each section
 +
** The port must match the port specified in the Visimage3 connection (see below)
 +
* Connect Address and Port for HP-UX connections:
 +
** The IP address shown is only a sample
 +
** The connect port will always be 30502 for HP-UX
 +
* Connect Address and Port for Linux connections:
 +
** Always use visimage.fiservapps.com for Prod, and visimage-cert.fiservapps.com for Cert
 +
** The connect port will always be 8004 on Linux
 +
 
 +
'''If you have already rebooted your PC since installing stunnel, stop and restart the stunnel service. Otherwise reboot.'''
  
 
=== Checking the Stunnel Restart ===
 
=== Checking the Stunnel Restart ===
Line 38: Line 67:
 
     | Host Port || 30501
 
     | Host Port || 30501
 
     |-
 
     |-
     | Host Profile Name || uname!live or uname!eom
+
     | Host Profile Name || username!live or username!eom
 
     |}
 
     |}
* Where uname is the username assigned by Fiserv. For example, joverton.
+
Notes:
 +
* When connecting via stunnel, the Host Address is always 127.0.0.1 (localhost)
 +
* The port number specified in the connection must match the corresponding '''Accept =''' port entered in the stunnel.conf file
 +
* The Host Profile Name is the username assigned by Fiserv. For example, joverton.
 
* The username is always followed by either '''!live''' (for the live databases) or '''!eom''' for the end of month (report) databases.
 
* The username is always followed by either '''!live''' (for the live databases) or '''!eom''' for the end of month (report) databases.

Latest revision as of 21:40, 20 August 2024

Visimage3 Setup

After installing Visimage3, Fiserv Online Clients must also install stunnel which is used to encrypt all communication between Visimage3 and the host. A special Fiserv installation of stunnel can be downloaded here.

Connecting to Spectrum Databases via Linux

In Q3/Q4 of 2024, Fiserv will require that all Visimage3 connections be made via a Linux server. When the transition is complete, clients will no longer be able to connect directly to HP-UX as had been done previously.

Click here for more details on updating users and task scheduler jobs to use the new Linux connection.

New Stunnel Certificates (May 2024)

Effective May 13, 2024, clients must install new certificate files which can be downloaded here. Follow these steps to install the certificates:

unzip the Stunnel_Certs_May_2024.zip file
copy stunnel.pem and certs.pem to C:/Program Files/stunnel
restart the stunnel service (or reboot your PC)

These certificates must be installed on all client PCs where Visiamge3 is installed. If you have a VM configured to execute Visimage3 tasks automatically, don't forget to install the new certificates on that system also.

Stunnel Configuration

Once stunnel has been installed you must edit the stunnel.conf file and modify the [VisImage Client] section or create a new section. By default, the stunnel.conf file is located in C:\Program Files\stunnel.

The below sample shows 3 sections for users wishing to have easy access to HP-UX (Prod), Linux (Prod) and Linux (Cert). This setup is only for those users who are testing and need to be able to switch between multiple connections:

[VisImage Client]
; Prod connection to HP-UX
client = yes
accept = 30501
connect = 100.96.0.25:30502

[VisImage Linux Prod]
; Prod connection to Linux
client = yes
accept = 30503
connect = visimage.fiservapps.com:8004

[VisImage Linux Cert]
; Cert connection to Linux
client = yes
accept = 30504
connect = visimage-cert.fiservapps.com:8004

Notes:

  • Section Name:
    • The name of the section is not important, but must be unique
  • Accept Port:
    • The port must be different in each section
    • The port must match the port specified in the Visimage3 connection (see below)
  • Connect Address and Port for HP-UX connections:
    • The IP address shown is only a sample
    • The connect port will always be 30502 for HP-UX
  • Connect Address and Port for Linux connections:
    • Always use visimage.fiservapps.com for Prod, and visimage-cert.fiservapps.com for Cert
    • The connect port will always be 8004 on Linux

If you have already rebooted your PC since installing stunnel, stop and restart the stunnel service. Otherwise reboot.

Checking the Stunnel Restart

After restarting the service (or rebooting) verify that the stunnel.log file has been updated. Open the log file in Notepad and scroll to the end of the file. If you do not see new entries written showing that the service was restarted then there is an issue with the configuration file. Double check that the stunnel.conf file still exists and was not accidentally renamed while it was being edited.

Visimage3 Server Configuration

When creating a Visimage3 connection, use the following parameters:

Option Value
Host Address 127.0.0.1
Host Port 30501
Host Profile Name username!live or username!eom

Notes:

  • When connecting via stunnel, the Host Address is always 127.0.0.1 (localhost)
  • The port number specified in the connection must match the corresponding Accept = port entered in the stunnel.conf file
  • The Host Profile Name is the username assigned by Fiserv. For example, joverton.
  • The username is always followed by either !live (for the live databases) or !eom for the end of month (report) databases.