Installation Prerequisites
Before installing EJBCA, review this list of required software to be installed.
|
Java |
|
|
Supported and recommended. |
|
|
Using Java 17 requires an application server that supports it, such as WildFly 26+. If installing EJBCA Community Edition on Java 17, the PKCS11CryptoToken does not work due to the access-control boundaries defined by the JDK module system. To overcome the issue and avoid getting exceptions while creating the PKCS#11 token in EJBCA, the Java process that runs the application server is passed the JAVA_OPTS parameter "--add-exports=jdk.crypto.cryptoki/sun.security.pkcs11.wrapper=ALL-UNNAMED" The following shows an example of adding the JAVA_OPTS parameter to a typical WildFly installation: echo -e "\nJAVA_OPTS=\"\$JAVA_OPTS --add-exports=jdk.crypto.cryptoki/sun.security.pkcs11.wrapper=ALL-UNNAMED\"" >> /opt/wildfly/bin/standalone.conf |
|
|
OpenJDK is available for both Linux and Windows. There are also commercial JDK versions available, which may work but are not regularly regression tested by PrimeKey. The Oracle JDK (starting April 16, 2019) is one example of a commercial JDK. For more information, see Oracle Java SE Support Roadmap and Java SE Development Kit 8 Downloads. |
|
|
Application Server |
|
|
JBoss EAP 7.4 |
JBoss EAP 7.4 is currently recommended. See Application Servers. |
|
WildFly 26 is currently recommended. See Application Servers. WildFly makes frequent releases, and newer versions usually work well, but may not be regularly tested by PrimeKey. |
|
|
Databases |
|
|
EJBCA supports multiple relational databases such as MariaDB, MySQL, Oracle Database, PostgreSQL and others. MariaDB and MySQL are recommended. For more information, see Creating the Database. |
|
|
Build Tool |
|
|
Apache Ant 1.9.8 or later |
JavaScript support may be needed in Ant for some components. |
Next Step
Next, configure properties prior to the installation according to information in Managing EJBCA Configurations.